Knowledge

8/4/2017 Newsletters

Discover the NEW online DFS Cybersecurity Reporting Portal

On July 31, 2017, the Department of Financial Services (DFS) has launched a new online portal to securely transmit in real time all notifications required under New York’s first-in-the-nation cybersecurity regulation. If you need assistance with registration or with any or all components of this cybersecurity framework, the Digital Edge team is available to meet your compliance needs! 

“With DFS’s leading cybersecurity regulation, the DFS cyber portal will allow New York’s financial institutions to quickly, easily, and securely report cybersecurity events and file required certifications of compliance, ensuring that the necessary safeguards are in place to protect New York consumers and financial institutions as the threat of cyber-attacks continues to increase.” - Superintendent Maria Vullo, Department of Financial Services

Filings made through the DFS Web Portal are preferred to alternative filing mechanisms as the DFS Web Portal provides a paperless reporting tool to facilitate compliance with the DFS cybersecurity regulation. Learn more about the New only DFS Cybersecurity Reporting Portal here.

Let the Digital Edge Cyber Security Team ease the burden of implementing the robust NYDFS Cybersecurity Regulation. Contact our Sales Team for your free assessment and align yourself with DFS compliance today

7/17/2017 White Papers

To Do: Check List to Comply with DFS Cybersecurity Law

It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.

The law will produce large penalties if your company is found not in compliance and Digital Edge’s Solution is here to help avoid those hefty fines.  

To Do List:

  1. Determine if you are regulated; to see how please click here.
  2. Determine if you are eligible for any of the 5 possible exemptions; to review the exceptions click here.
  3. If you are eligible for exemption, you must file the Cyber Security Notice of Exception by September 27, 2017. 
  4. Depending on your exemption category, you may still need to build a cyber security system. Click here to see how Digital Edge can help you. 
  5. By August 28, 2017, covered entities must be in compliance. 
  6. February 15, 2018, covered entities must submit first Certification of Compliance. 
     
7/7/2017 White Papers

DFS Compliance – Mandatory Cybersecurity Requirements

On March 1, 2017, the New York State Department of Financial Services’ (DFS) mandatory cybersecurity requirements for financial services entities became effective, with implementation to occur within 180 days (August 28, 2017). Let the Digital Edge Cybersecurity Team keep your business in compliance!

At a high level, the regulation requires that all covered entities:

  • Conduct a documented risk assessment
  • Establish a risk-based cybersecurity program
  • Adopt a written cybersecurity policy
  • Designate a qualified CISO
  • Implement written third-party cyber risk policies
  • Establish a written incident response plan
  • Notify the superintendent of DFS of any cybersecurity events
  • Submit an annual certification of compliance

It is critical for all regulated institutions that have not yet done so to move swiftly and urgently to adopt a cybersecurity program and for all regulated entities to be subject to minimum standards with respect to their programs.  To learn more about this mandatory compliance regulations, please read our most recent whitepaper entitled “DFS Compliance – Mandatory  Cybersecurity Regulations” 
 
Digital Edge DFS Cybersecurity Solution
 
The Digital Edge Cybersecurity Team is well-versed in the DFS regulation.  We are ready to help companies mitigate risk and ensure compliance with all aspects of the DFS regulation! Contact us today to further explore how our team can provide your business with an unparalleled cybersecurity solution, with our continued focus on Stability, Security, Efficiency and Compliance

6/28/2017 Newsletters

2 Facts about the New Cryptolocker Ransom.Petya

A brief message from the Digital Edge Security Team

  1. All Digital Edge’s clients are patched and safe. If you are not Digital Edge client and feel that you may need assistance please contact us
  2. If you are affected by Ransom.Petya, do not pay the ransom and speak immediately to the Digital Edge Security Team. Further analysis of the cryptolocker, revealed that data retrieval is possible without paying ransom. Please contact our Security Team if you need an assistance with recovering and removing Ransom.Petya. 
     
6/14/2017 White Papers

IT Skills Assessment Platform

In an effort to help organizations to better assess candidates, their level of expertise and knowledge of relevant subjects, Digital Edge and Appcore Solutions (https://appcoresolutions.com/) have designed and built an IT Skills Assessment Platform.

This platform gives organizations the ability to create custom tailored online tests for each job opening. Additionally, this system also allows your organization to invite your candidates to take relevant tests and preview the results. 

Currently, Digital Edge utilizes this system to pre-screen candidates before an initial face-to-face meeting. We invite you to take a test drive and share your opinion about the system, its concepts and features.

We invite you to take a test drive and share your opinion about the system, its concepts and features.

Please try the system:

www.perfectknowledge.com

Please click the link below to get more details and access to the system!

Read more about the platform here

 

5/28/2017 Newsletters

Unintentional Damage - Warning About Possible Information Disclosure

Traffic analytical tools can cause unintentional sensitive information disclosure.  

Most of precisely targeted attacks on IT infrastructures are originated from outside of security perimeters of the victimized organizations. However, the security openings allowing cyber attackers to breach security mechanisms overwhelmingly originated either with unintentional help of insiders or disclosure of sensitive information. 

Read more on this subject and how the Digital Edge Security Team helps clients mitigate or prevent these risks.

5/13/2017 Newsletters

Update – Microsoft to Include Support for WannaCrypt Attacks - Windows XP & 2003

There is a great relief for the many companies which still use legacy systems that are no longer supported by the manufacturer, as the case with Windows XP and Windows Server 2003 - Microsoft is including these operating systems in the updates to patch for the existing vulnerabilities exposed in this attack. For those customers who still have legacy systems, this is vital to protect their overall customer ecosystem.
 
Download English language security updates for: 

To download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

 

5/12/2017 Newsletters

Urgent - Important Response to WanaCrypt0r Ransomeware Attack

As per all news agencies and cyber security organizations, multiple countries are under a massive ransomware attack. The ransomware spreads through Europe but specialists are sure that it will eventually spill into US. 

The Digital Edge Security Team is assessing the situation and will assist all the clients and any IT organization that require cyber security help. 
 
We feel that the threat is serious as the infection has a “hunting” functionality that is used to infect other computers that the infected computer has access to through vulnerable Windows SMB Protocol. Microsoft Windows vulnerability called EternalBlue is used by NSA tools leaked to WikiLeaks earlier. The attack might be inspired by NSA weaponry or by NSA itself.

Simply put, if a user opens a malicious email or a website on a desktop that was not patched after March 14, 2017,  there is a big chance that the user’s computer will be infected and the virus will spread inside of the organization.  

Please open a support ticket if you need immediate help at: https://www.digitaledge.net/support/
 
Please click here for more information how to protect your systems.

5/9/2017 Newsletters

May 2017 – Vulnerabilities in Consumer Devices

More and more, security organizations report cyber security vulnerabilities in devices that are not exactly computers. Those devices may include routers, video cameras, and other “internet of things” gadgets. 

It is critically important to know that your home devices with access to the internet are secured. Some of these weaknesses could be related to well-known default user ID and password combinations or whereas, some devices do not even have patching capabilities making people permanently vulnerable. 

Digital Edge is monitoring known vulnerabilities in consumer devices and notifying our friends and colleagues about such cases. 

Click here to see recent vulnerable devices.
 

5/1/2017 Newsletters

Digital Edge Assists in Handling Cyber Security: How to Deal with Identity Theft

The Federal Trade Commission (FTC) has announced a new web site – a single point to report Identity Theft - https://identitytheft.gov/

In many cases, reports from this site will be accepted as an official police report. 

Please see how Digital Edge’s Log Management Service can be utilized as an SIEM (Security Information and Event Management) Dashboard.

LET'S TALK: 800-714-5143