Search

Insight

4 Free Cybersecurity Awareness Email Templates To Use at Your Company

The 2019 Verizon Data Breach Report identified phishing as the number one cause of data breaches and the most disruptive type of cyberattack. These schemes are common because:   They're easy. Even novice criminals can execute a phishing scheme. They're flexible. Email schemes can be used to deliver malicious payloads (like ransomware), steal user credentials, steal crown jewels data, and instigate phony wire transfers. They're valuable. Phishing schemes cost companies well over half a billion dollars each year in fraudulent transactions, lost data, revenue, and productivity. We're really bad at stopping them.  They prey on our "click first" mentality and the onslaught of emails we skim through a daily basis.   The First Step of Cyber Awareness... ...is communication. Regular, consistent, and informative communication. Everyone (yes, every. single. person.) in your organization needs to know what hackers are trying to do, and what role they can play in stopping them. We often get asked for tips on communicating with employees about these topics - from ransomware (a top concern after WannaCry) to basic phishing to password best practices. So, in that spirit, we've decided to bust our cyber awareness email templates out of the vault, and post them here for you to use in your organization.
Insight

Recent Data Breaches and Increasing Standards of Care Requirements

Last year, there were over 2,000 confirmed data breaches. While most breaches highlighted in the media occur at large, well-known companies, those that happen at smaller companies can still have a devastating impact on consumers and result in severe consequences. Two unrelated web-based companies, i-Dressup and ClixSense,  each failed to provide reasonable data security at their respective organizations, enabling hackers to steal personal information, including social security numbers and IP addresses, of over 12 million consumers combined. These companies recently reached separate settlements with the Federal Trade Commission (FTC), both of which included fines and new standards of care requirements around cybersecurity.      In Part 2 of our series tracking popular settlement actions and court cases, we’ll take a closer look at the data breaches at i-Dressup and ClixSense, the settlement orders issued by the FTC, and what lessons others can learn and apply from these incidents.
Person

Gary McIntyre

Gary McIntyre is a Director with Focal Point’s Cyber Defense practice and brings over 19 years of experience focused on information security with a specialization in the end-to-end design, deployment, and operation of Security Operations Centers.
Service

Cyber Maturity Assessment

Benchmark your cybersecurity policies, processes, and technology against leading standards and gain actionable insights for maturing your program.
Page

Veterans and Reservists at Focal Point

Focal Point actively seeks to hire veterans, reservists, National Guard members, and military spouses and to provide them with opportunities to advance their careers in cutting-edge technical fields like cybersecurity, identity and access management, IT strategy, data privacy, and audit and compliance.
Service

Privacy Maturity Assessment

Benchmark your privacy policies, processes, and technology against leading standards and gain actionable insights for maturing your program.
Insight

What You Should Know about NIST’s New Privacy Framework

A recent Cisco study found that 80% of consumers are willing to act to protect their privacy, saying they would spend more time and money to do so and that they consider it a buying factor. Nearly half of these respondents also indicated that they had switched companies over data privacy policies or data sharing practices. Privacy is no longer just about regulatory compliance – it has become a critical part of doing business and a competitive differentiator for many organizations. More organizations are seeking to implement privacy policies and programs that protect consumer data and give consumers control over their data, while still meeting business needs. But this is not any easy goal to accomplish. New technology, shifting business needs, and multiple, sometimes disparate, privacy regulations like the GDPR and the CCPA all add layers of complexity to this challenge. To help organizations address this, NIST announced its plan to develop a privacy framework based on the structure of its Cybersecurity Framework (CSF) in 2018. After a year of collaborating with businesses, government agencies, academics, industry experts, and non-profits, the preliminary draft was released for feedback in 2019. Finally, in January 2020, Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy though Enterprise Risk Management was published.
News Article

Focal Point Grows IRM Practice, Adding Top Big 4 Expert

Focal Point adds former Big 4 expert David Graff to lead Integrated Risk Management services. Graff will consult on leading IRM technologies.
Person

David Martinez

David Martinez is an IT Audit Director in Focal Point’s Audit and Advisory Services practice.
New Search