4 Essentials Every Company Needs for an Incident Response Plan

Posted by Gaye Connell • Apr. 11, 2016 • 0 Comments

Behind nearly every cybersecurity breach in recent years is a business or organization that was left to grapple with the fallout. Indeed, organizations that suffer a major security incident can end up spending tens, or even hundreds of millions of dollars on remediation costs, fines, damages and other related breach incident response

However, even major breaches can be dealt with effectively when the affected organization has a formal incident response plan, making it one of your most important risk management solutions. Here are four key components of every good incident response plan.

Essential #1: Understand the full scope of the breach before responding

Once a cybersecurity breach is detected, it can be easy for organizations to resolve the immediately visible issue, then simply move on. Organizations often don’t effectively investigate the endpoints of the breach, or even what other systems may have been impacted. This makes it impossible to truly understand the scope of the breach, which is critical to formulating an effective response, and ensuring that your network is truly secure once the incident is resolved.

Essential #2: Involve your legal team immediately

Most security incidents don’t have legal repercussions, but that doesn’t mean it’s not a good idea to always seek legal advice when dealing with potentially sensitive information. While most breaches don’t require a legal response, it’s always a possibility, so it’s better to remain safe than sorry.

Essential #3: Ensure you’re communicating effectively and responsibly

Effective communication is crucial when it comes to how your organization is perceived by the outside world. If you release information that later turns out to be untrue, or fail to release information that should have been disseminated, it can look from the outside like your organization doesn’t have control of the situation.

Accordingly, it’s important to have a formal post-incident communication plan that lays out explicitly who’s responsible for conveying information, especially to those you’re legally obliged to notify, like anybody whose personal data was compromised.

Essential #4: Have a properly staffed response team

The results of any post-breach investigation are only as good as the expertise of those performing it. You need to make sure you have the right people investigating the incident, and the team as a whole should have a comprehensive mix of deep technical and IT knowledge, legal knowledge and human resources information. Make sure you have your team, outside resources, and plan in place before the breach that identifies what situation calls for what type of expertise.

By crafting an effective incident response plan, you can ensure that your company is always prepared to deal with the unexpected and prepare for future cybersecurity concerns. 

Contact Garland Heart today to find out how your organization can improve its incident response plan.
How to address cybersecurity with examiners. Download now.

Topics: Risk Assessment, Security

Throwback Thursday: Revisit Old Viruses at the Online Malware Museum

Posted by Gaye Connell • Apr. 7, 2016 • 0 Comments

In these times of mega-hacks and massive data breaches, technology risk assessment has become a fact of life for every business. In comparison to automated botnets, the “good old fashioned” human hacking of yesteryear seems quaint, even a little nostalgic. Do you remember the malware and viruses from the 1980s and 90s? The Online Malware Museum does.malware

A Trip Back to Simpler Times

The Internet Archive has long performed its mission of retaining copies of our internet history. As it turns out, that preservation instinct even includes viruses and malware.

At the Malware Museum, the archive presents a curated selection of nearly 70 destructive programs and routines, mostly viruses, with a bit of malware thrown in for flavor. The Archive’s coders have carefully removed all malicious code from the selection, leaving only the text messages and simple (once so ubiquitous and annoying) low-bit graphics that were once the cutting edge for hacker “trolling.”

After loading a simple DOSbox emulation module, visitors to the Museum can see what messages they might have received after a successful hacking on an old Windows 95 PC, or even older.

A Prized Collection

In keeping with the theme of simpler times, when hackers were motivated more by notoriety and a sense of the hunt than mercenary or political zeal, many of the exhibits could be termed outright charming.

Consider the SKYNET.COM virus, whose friendly missive, “Don’t be afraid. I am a very kind virus.” is only belied by the text heading “Terminator Message” above. Even its threat is kindhearted, as it warns, “I will let your computer slow down. Have a nice day, goodbye.”

The museum even offers visitors an insight into the prehistoric past of the memes that now dominate the internet. At the exhibit for the malware software Q FRODO.COM, the hacker exhibits the mix-and-match meta-commentary that’s so common in today’s meme world, with nothing but a flashing marquee proclaiming “FRODO LIVES!” in a mash-up reference to both Lord of the Rings and the death of Tupac Shakur.

Even nationalism takes it turn in the spotlight, as the malware ITALIAN.COM displays a 16-bit Italian flag overlaid with the declaration, “ITALY IS THE BEST COUNTRY IN THE WORLD.”

Visitors can even see the fetal form of the “V for Vendetta” meme that took place a decade before the movie’s release, as malware Q V SIGN.COM displays a simple graphic of the eponymous V logo.

Charming as the museum is, visitors can be forgiven for deciding that an exhibit of today’s malware and viruses would be much less friendly. Contact Garland Heart today to find out how you can keep your network safe in today's (not-so-friendly) cybersecurity landscape.
North Texas Bank Cyber Security Case Study

Topics: Webinars, cybersecurity, Legal

How to Retain Your Information Security Team

Posted by Gaye Connell • Apr. 5, 2016 • 0 Comments

Acquiring talented IT security professionals is a big task for any organization, especially considering the rapidly growing skill and generation gap in cybersecurity. In fact, the only thing that’s more difficult than acquiring highly skilled employees is figuring out how to retain them once they’re hired. This is particularly true given the highly competitive nature of the IT security industry, which means there are always other opportunities for growth and even offers for higher compensation waiting in the wings.information security team

For that reason, your biggest “selling point” to your organization’s own employees is finding a way to offer all of those benefits to them in-house. Along with competitive compensation, your company also needs to provide a stimulating and productive work environment, and plenty of opportunities for your IT professionals to learn new skills and work on challenging new goals.

Here’s how you can accomplish just that.

Outsource When Appropriate

One of the best ways to improve the “quality of life” at your workplace is to outsource the type of repetitive, mundane tasks that can become a drag on a highly skilled IT professional’s day. Routine tasks like penetration tests and vulnerability assessments can be entrusted to qualified third parties like Garland Heart, and vendor management companies can handle much of the “housekeeping” required by an office environment. Saving the challenging, stimulating work for your employees ensures they’ll appreciate their position more.

Location, Location

When it comes to retaining talent, your office location is an important tool. Organizations that maintain offices outside major cities have higher retention rates due to lower local competition. Similarly, locating your office near a university ensures a steady pool of young and eager new applicants.

Whether it’s cyber security consulting or simple network administration, you should seek to find the locational sweet spot that ensures you can find and retain the best employees.

Culture and Training

Maintaining an engaging company culture is critical for boosting your retention rates. For the best success, start from the bottom up by making sure that each individual team develops its own culture of growth and engagement, as well. 

Offering training programs is a great way to establish a vibrant company culture, and paying for your employee’s expenses for security certifications and other programs sends the message that you’re invested in their personal professional development. Don't forget that the culture needs to be supported from the top down.

Contact Garland Heart today to learn more about how you can leverage your skilled IT staff with our security team to boost your risk management success. 

Topics: IT, Corporate

What Do The Worst Passwords of 2015 Say About Us?

Posted by Gaye Connell • Mar. 31, 2016 • 0 Comments

weak passwordIn the 2015 edition of its annual worst passwords list, password management company SplashData revealed the 25 most common (and most easily compromised) passwords for the year. Based on an analysis of more than 2 million passwords revealed through searches of publicly available plain text data dumps, the report found that the Internet public is still clinging to its bad password habits.

Same Story, Same Verse

One of the surest signs that the message isn’t getting out is the continued presence of “123456” as the number one most common password, a position it has held since 2011. Indeed, even despite the fact that useful tools like password management software help mitigate the risk of relying on weak passwords, Internet users continue to rely on incredibly obvious choices. Chances are that your employees' bad password habits are no different.

Internet denizens have taken at least some best password practices to heart, as they’ve clearly heard the message that longer passwords are safer. Unfortunately, it seems that most users have misunderstood the lesson, as the most common method to “fix” weak passwords is simply appending additional digits at the end of the pattern, explaining the spot held by “1234567890” at number 12 on the list.

Signs of Hope

Fortunately, the report isn’t all bad news. The good news is that only 3 percent of users in the data sample were using one of the top 25 worst passwords, which is down from 4 percent in SplashData’s reports from previous years.

Still, the rampant use of extremely obvious passwords shows that we still face a pressing need to push the spread of alternatives to using bad passwords. The lesson that Internet security is itself important seems not to have taken hold, even despite the mounting numbers of headlines about yet another data breach.

Ultimately, the takeaway seems to be that, while Internet users are aware that their passwords play an important role in their own online security, they still don’t grasp how to do so effectively. And really, who can blame them? In a world where the best security advice is that you’re supposed to remember dozens of separate (and complex) passwords, is it any surprise that so many choose to rely on one or two very simple passwords instead?

It seems that the best solution remains the use of password management software, and that we should move away from password-based authentication entirely, whenever possible.

Contact Garland Heart today to learn more about how your organization can increase its password security compliance and boost the effectiveness of your risk management solutions.
New Call-to-action

Topics: IT, Security

2016 - Garland Heart says it's the year to ‘Be YOU!’

Posted by Brad Garland • Mar. 23, 2016 • 0 Comments

Every year we look to continue to be a company that has equal goals of profit with purpose, so the last 4 years we have created a theme (and corresponding t-shirt) to express that goal. This year we wanted our theme to have multiple meanings. We spent a lot of time thinking about what would be the best way we could help the world but also translate that idea into our clients. They are truly the ones that make this possible so why not do both. After a few iterations we landed on the theme - ‘Be YOU!’


Now, what does that mean?

At the end of last year, we invested in an assessment tool called Culture Index to help better understand ourselves as well as new recruits (since we’re hiring like crazy!). What it has done is given us the realization that regardless of what people want to do, convey how excited they are in an interview, or even pretend to be, we all have a specific wiring about us. We are who we are. When we emphatically say ‘Be YOU!’ what we mean is we should all aspire to focus on our unique traits and gifts while shedding the ones that aren’t who we are wired to be. Said another way, instead of focusing on our weaknesses, focus on our strengths!

That makes sense to us because we are creating a high performance team where some of us are wired to be in specific roles, and others are not. I’m not the details guy for example, I want to be but I’m just not wired that way! Similarly, our clients wear many hats each day that they aren’t suited to do. We feel like with our expertise, we can help them remove some of those hats. 

So at the end of the day we want people to focus on the best version of themselves they can be. Whether that means our employees using their gifts and talents to give to others, our clients focusing on the things they do best, or Garland Heart bringing a little more light to people around the world, we are up for the challenge.

Now go ‘Be YOU!’

Topics: Impacting Lives

5 Concerns Every CIO and CISO Will Face in 2016: Part 2

Posted by Gaye Connell • Mar. 2, 2016 • 0 Comments

Continuing from the previous post, here’s a look at the rest of the challenges that Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) face in 2016.

4. Reporting Linesinformation security

Consider the lines of reporting in your organization carefully. According to Jeff Spivey, international vice president of the Information Systems Audit and Control Association (ISACA), “the CISO should not report to the chief information officer.” It’s essential for the Chief Information Security Officer and team to have independence in the decisions they make, rather than having to run everything past the CIO.

Speed is critical when facing rapidly changing cyber security threats. Your organization’s IT security team must be able to make decisions quickly to protect the business. Empower your IT security experts to make decisions independently, so they can operate like a team that's expecting a strategic crisis in light of the huge range of threats that exists in 2016.

5. Cost Reduction and Controls

Cost reduction and controls go hand-in-hand in the cyber security industry. CIOs and CISOs alike must focus on the potential costs of a data breach in order to effectively protect your organization’s bottom line. Conduct a risk assessment on a regular basis to help identify where your data and systems are vulnerable to better associate potential costs a breach could cause your company. Don't forget to address the likelihood of a potential malicious attempt for those systems as well. You can now better allocate resources and strategically invest to mitigate impact to yourself.

In addition to cost reduction practices, executives in C-level information security positions should consider using third-party vendor management and compliance services. These services can often offer more cost-effective and comprehensive solutions than most can achieve in-house. Largely due to the specific focused experience, allocated time, and broader perspective required to tackle this continued hot topic.



CIOs and CISOs face many cyber security challenges in 2016. With budgets stagnant or even shrinking in many organizations, IT professionals need to find cost-effective ways of protecting against a rapidly evolving range of threats. Encourage agility, flexibility and innovation in your organization to stay safe in 2016.

Need help with any of these concerns? Get in touch with Garland Heart today to find out how to establish strong IT security in your organization.

Free eBook. Reduce cybersecurity risk in your financial institution. Download now.

5 Concerns Every CIO and CISO Will Face in 2016: Part 1

Posted by Gaye Connell • Feb. 29, 2016 • 0 Comments

In 2015, CIOs (chief information officers) and CISOs (chief information security officers) faced some serious cyber security threats, including the VTech Learning Lodge hack, which affected the data of nearly 5 million adults and 200,000 children, and the Anthem data breach, in which hackers stole 37 million customer records and passwords. With more services moving online, information security concerns show no sign of slowing down in 2016. Here are the five biggest concerns you need to consider this year.information security

1. Agility and Flexibility

In 2016, companies must be agile and flexible enough to respond to threats quickly. With major companies such as Chase, Sony and Target recently hit by security breaches, it’s clear that no one can afford to be complacent. By building agile teams, CIOs and CISOs can be sure that their organizations are ready to react to any threat. A successful team performs a regular risk assessment of vulnerabilities and handles them using a scrum structure, which is part of the agile approach to security software development. Agility is key to any cyber security plan, as it allows organizations to react promptly to new threats and limit the harm they cause.

2. Innovation

CI(S)O stands for Chief Information (Security) Officer, but in 2016 the “I” could easily stand for “innovation” instead. CIO's must constantly innovate to respond to new threats while delivering new enterprise IT compliance services in a cost-effective way. Technologies and products are constantly changing, particularly in the Internet of Things (IoT) field, which is why CIOs and CISOs must innovate to survive in the cyber security industry.

3. Security Budgets

The Ponemon Institute recently conducted a survey that revealed that 50 percent of C-level executives plan to flatten or reduce their security budget in the next two years. This poses even more challenges for CIOs and CISOs, who must continue to innovate and respond to threats while keeping costs low. With 59 percent of IT professionals believing that their organization does not adequately invest in IT security, 2016 is clearly going to be a challenging year for CIOs and CISOs.

Are you worried about security risks in 2016? Get in touch with Garland Heart today to find out how you can protect your organization in the future.
Free eBook. Reduce cybersecurity risk in your financial institution. Download now.

5 Ways to Reduce the Threat of Phishing Within Your Bank

Posted by Gaye Connell • Feb. 25, 2016 • 0 Comments

Phishing remains a major threat for both individuals and the businesses that serve them. According to the Anti-Phishing Working Group’s Global Phishing Survey, at least 123,972 sites around the world were used to launch phishing attacks targeting banks in the last half of 2014. In the first half of 2015, almost 41 percent of phishing attacks targeted banks.reduce phishing in your bank

Those attacks were split into two categories: mass phishing, which lures customers to fake sites asking for their credit card information, and spear phishing, which targets individuals directly in an attempt to get them to send money to a fake account or compromise their identity.

It’s crucial that your bank’s financial technology security services be working effectively with your customers to avoid a security breach.

1. Know If Your Customers Are Getting Phished

You must be aware when your customers are targeted by phishing attempts, and that means your customers need to be able to report it to you. Make sure they know what phishing is and how to recognize it — but most importantly, ensure they know what communication looks like when it comes from you, and what types of information you will and will not ask from them.

2. Have a Response Plan

Once a phishing attempt is identified, your computer security systems must respond immediately. Have procedures in place to “tag” phishing websites and report them to Web hosts, ISPs, and law enforcement and other authorities.

3. Ensure Your Online Interactions With Customers Are Always Secure

While it can be useful to maintain a constant stream of communication with your customers via email, don’t overdo it. It’s all too easy for one fraudulent phishing email to get “lost in the crowd,” and your customers won’t realize the link they’re about to click is a phishing link. A good way to ensure a level of secure communication is to utilize an email encryption tool or your online banking banking application. The additional security of the multi-factor authentication and secured messaging will help reduce the risk.

4. Identify and Educate Potential Spear-Phishing Targets

The most vigorous phishing attempts are usually targeted at people with access to large accounts, especially when that person’s access is publicly visible, as in the case of a high-ranking company official. Ensure you can identify those customers and then work with them directly to ensure they’re informed of the risk and know how to respond. Ensuring dual controls for submission & approval for both the customer and bank when able can add a layer of control.

5. Use Very Strong Authentication, Web and Email Filters

Don’t forget the security fundamentals. Your authentication procedures should be robust and well tested, and your Web and email filters should be monitored carefully to ensure they’re doing what you need them to.

Contact Garland Heart today and request a risk management consulting session for your bank.
North Texas Bank Cyber Security Case Study

3 Tips to Encourage Collaboration In Your Organization's Security Processes

Posted by Gaye Connell • Feb. 23, 2016 • 0 Comments

While information security has assumed top priority in many organizations, the steps that enterprises take to strengthen their overall cybersecurity often focus solely on improving the technology and processes involved in those efforts. Unfortunately, such a heavy focus on the technical mechanics of cybersecurity neglects the human side of the equation. This is especially true when it comes to strengthening the collaboration between security-oriented departments and the rest of your policy management

Indeed, studies show that the strength of your security protection potential drops when your organization experiences a widening gap between business leaders and security programs. In a survey conducted in September 2015, only 15 percent of IT security professionals described their organization's collaboration as excellent, while more than 30 percent described it as poor or non-existent. That lapse can have serious consequences as the cost of cybercrime continues to climb.

Faced with such a clear disconnect between personnel and process, what can your enterprise do to improve the situation? These three tips to boost collaboration are a good place to start.


1. Make Someone Accountable for Security

Too often, organizations become fixated on trying to decide who handles security more effectively, the chief information officer (CIO) or the chief information security officer (CISO). But ultimately, that question doesn't matter. It's likely that both organizational structures are perfectly capable of managing information security, so the real question is simply who is accountable for it?

Even if it means arbitrarily assigning final authority to the CIO over the CISO, or vice versa, the primary goal should be to make sure that someone is clearly and visibly accountable for your enterprise's security.

2. Communicate Security More Effectively

It's easy for security professionals to get lost in "trade-speak" when communicating with other departments. But relying on jargon and inscrutable terminology can make it impossible for business leaders and non-tech personnel to understand the points being made, and that lack of effective communication puts your security at risk. Additionally, clearly understood communication is a key component of ensuring that cyberdefense initiatives receive proper support and financial backing from your organization's leadership.

3. Focus on the Right Metrics

Security professionals often rely too much on compliance-related metrics, and that makes it difficult for business leaders to fully grasp the business implications of an effective cybersecurity program.

Instead of focusing solely on just being compliant, cybersecurity professionals should work to relay true indicators of their program's effectiveness. You can do this by focusing on areas that provide clear benefits, such as threat detection measures that directly increase your firm's data security.

Contact Garland Heart today for more information about how to encourage collaboration in your firm's information security efforts.
Free eBook. Reduce cybersecurity risk in your financial institution. Download now.

Topics: Info Security, Security, Corporate

5 Cyber Security Lessons Learned in 2015

Posted by Gaye Connell • Feb. 12, 2016 • 0 Comments

vulnerability assessmentsIt’s no secret that 2015 was another challenging year in cyber security. While fallout continued from the Sony hack, new threats emerged and each one offered a lesson for the future. Here’s what can be learned from the past year as you plan for 2016.

1. Keep Backups

One of the biggest cyber security stories of the year was the rise of “ransomware,” computer-hijacking software that literally holds its victims' data hostage unless a ransom is paid. If the victims fail to comply in time, their data is destroyed.

While antivirus and other security software has since learned how to combat much of that ransomware, it’s still possible to be infected by the newest versions. Fortunately, combining vigilant use of compliance software with automatic data backups provides the best solution, since a threat to delete the data on your hard drive is neutered when that data is already backed up elsewhere.

2. Manage Your Privileged Users Effectively

A privileged user is any account that is able to perform security-critical functions to any part of your systems. Administrator accounts are typical examples of privileged users. Under managing or underestimating the impact of that privilege can lead to increased vulnerability to information security breaches.

Accordingly, it’s important to have effective policies in place to reduce your risk, such as logging privileged user activities and limiting log-in durations along with the privileges given to each account.

3. Don’t Underestimate the Need for Security in ALL Networked Devices

In the Internet of Things, you need to secure more than just your computers: any networked device is capable of being compromised, and hackers have grown very creative about doing just that. It’s important not to underestimate the potential vulnerability of all your devices and to ensure you’ve taken steps to secure them.

4. The Need for Visibility Is at an All-Time High

A crucial lesson from 2015 is the increased need for visibility into your company’s potential environmental and security vulnerabilities. If you don’t already have procedures to actively monitor every user, device and program connected to your systems, now’s the time to implement them.

5. Security Problems Aren't Going Away Anytime Soon

With nearly 1 million new malware threats released every day, it’s clear that security problems are going to remain a fact of life. Fortunately, robust network security partnered with good vendor management and proper compliance software goes a long way toward mitigating most threats.

Contact us today to learn how a vulnerability assessment can help you keep your systems and devices secure.
Free eBook. Reduce cybersecurity risk in your financial institution. Download now.

Topics: Compliance, Info Security, IT

Subscribe to our Newsletter to receive Regulatory News and Company Updates: