Time to protect – BEC Series #3

Posted on November 29, 2018 by Lisa Wallace

A few weeks ago, we published the Business Email Compromise (BEC) Checklist. The question arose – what if you’re new to security, or your security program isn’t very mature?

Since the checklist is based on the NIST model, there’s a lot of information here to help your security program mature, as well as to help you mature as a security practitioner. MSI’s engineers have discussed a few ways to leverage the checklist as a growth mechanism.

Part 1 and Part 2 covered the first checkpoint in the list – Identify.

Continue reading →

OSINT Yourself

Posted on November 19, 2018 by Adam Hostetler

If you’re unfamiliar with the term “OSINT” (open-source intelligence) it boils down to finding information that’s publicly and freely available about you, your company or anything else. How can this help you? OSINT covers a very broad array of sources and uses, and one way it can be used is to help verify your external network surfaces, and if user emails have been found in datadumps from compromised sites.

Continue reading →

When human errors put PII at risk…

Posted on November 8, 2018 by Lisa Wallace

I’ve been having a bit of a bizarre experience for the last couple of months, and decided to share…it’s bothering me a bit.

Back on September 10th, a lady – let’s call her Jane Doe – applied for a life insurance policy with specific funeral benefits. Only…Jane accidentally gave the company one of my personal email addresses by mistake.

Continue reading →

MSI :: State of Security

Insight from the Information Security Experts

Monthly Archives: November 2018

Time to protect – BEC Series #3

OSINT Yourself

When human errors put PII at risk…