@halock profile picture
HALOCK Security Labs | Reasonable Security @halock

Risk Management, Reasonable Security, Compliance, Pen Testing, Incident Response, Security Engineering, ISO 27001, CIS RAM, Duty of Care Risk Assessments DoCRA

Joined March 2008
  • Tweets 930
  • Following 186
  • Followers 561
135 Photos and videos
Over 30% of executives indicated they needed to improve their cybersecurity program they are disclosing or have not started working on their disclosures. The webcast recording and materials are now available. halock.com/compliance-week-w…
SEC cybersecurity reasonable risk

ALT SEC cybersecurity reasonable risk
1
1
107
Wright & Filippis, specializing in prosthetics, orthopedics, proposed a settlement of $2.9 million in response to allegations that they inadequately safeguarded personal data.  halock.com/orthopedic-and-pr… #reasonable #security #DoCRA #settlement #data #breach #ransomware

$2.9 Million Settlement for a Data Breach

Description Michigan-based Wright & Filippis, specializing in prosthetics, orthopedics, and accessibility solutions, proposed a settlement of $2.9 million in response to allegations that

halock.com
59
BHI Energy, a Massachusetts-based US energy services firm issued a data breach notification on October 18 about a recent data breach and subsequent ransomware attack. halock.com/us-energy-service… #ransomware #risk #DoCRA #energy #breach #GRC

Energy Company Data Breach and Ransomware Attack

Description BHI Energy, a Massachusetts-based US energy services firm, issued a data breach notification on October 18 about a recent data breach and subsequent ransomware attack. BHI Energy provides...

halock.com
66
Compliance Week SEC Cybersecurity Rules and Risk. Tomorrow October 24th. halock.com/compliance-week-w… #CPE #compliance #Risk #SEC #cybersecurity #DoCRA #dutyofcare #reasoanble

Understanding and Preparing for SEC Cybersecurity Disclosures.

“Wonderful presentation!” - Multinational conglomerate holding company Just how, exactly, are you going to describe your company’s cybersecurity strategy, governance, and risk management program in...

halock.com
34
Making informed decisions for Risk Management. halock.com/reasonablerisk Learn how to establish reasonable security, project manage your risks efficiently, and communicate security priorities and investment needs to the C-Suite and executives effectively. #reasonable #risk #GRC

Reasonable Risk - HALOCK

Reasonable Risk Empowering Security Leaders to be More Effective Reasonable Risk GRC Platform Reasonable Risk is a SaaS Governance, Risk & Compliance (GRC) platform purpose‑built to help organizati...

halock.com
56
Companies and their third parties are interconnected. If they get breached, so do you. halock.com/third-party-risk-… #TPRM #thirdpartyrisk #reasonable #security #cyber #compliance #tpsp #panorays #threat #monitor #asset_discovery #tpsp #vendor

Third Party Risk Management is an Accelerating Trend - HALOCK

  As cybersecurity professionals, our primary mission is to protect our organization’s information assets and IT infrastructure from cyber threats. We plan our resources and strategize what controls...

halock.com
50
Define a “clear line of acceptable risk” and more at this complimentary webinar. CEO Jim Mirochnik presents best practices on risk management and how to effectively connect security teams and the C-Suite. halock.com/complianceweek-we… #reasonable #security #DoCRA #cyber #compliance

Five Deliverables Every Security Team Needs to Survive and Thrive

View the recording below. See the survey results. In today’s fast-paced business world, firms must adapt to the ever-changing mobile compliance and technology landscape to

halock.com
32
Happy 4th of July! Remember to Protect Your Assets. halock.com/wp-content/upload… #password #cybersecurity #july4th #reasonable #DoCRA #reasonable #risk #GRC #dutyofcare #MFA #safeguards #privacy #hacker #breach #data #compliance #pentest
43
Tomorrow halock.com/pci-dss-2 In version 4.0, all periodic cadence requirements must be justified with a targeted risk analysis. Learn how to conduct a targeted risk analysis that use DoCRA, that litigators and regulators expect to see when doing risk assessments. #risk #TRA
26
Today PCI Requirements Webinar with Viviana Wesley halock.com/webinar-a-deep-di… #pcicompliance #risk #pcidss

Emerging PCI DSS 4.0 Requirements that are Due by March 2025

There are 51 requirements that are best practices until March of 2025. Some will be process related and some will require technology or program changes. Join Viviana Wesley for a deep dive into these...

halock.com
23
What a great educational and wonderful group of folks. Very insightful sessions on managing payments in one of the most unique industries. halock.com/the-payments-acad… Viviana Wesley Justin Evans #PCI #PCIDSS #PCIcompliance #card #sensitive #compliance #risk #TPA #payments #v4 #GRC

The Payments Academy | PCI Scope | Compliance

The Payments Academy 2023 Justin Evans of University of Iowa; Kandace Young of PCI Security Standards Council; Lauren Holloway of PCI Security Standards Council;

halock.com
34
Today - PCI Webinar Series on Immediate Requirements. Speaker Viviana Wesley halock.com/webinar-a-deep-di… #PCI #PCIDSS4 #compliance #risk

New PCI DSS 4.0 Requirements Applicable Immediately

There are 14 new requirements that are effective immediately for any PCI DSS 4.0 validation. Join Viviana Wesley for a deep dive into these requirements so your organization can start working on...

halock.com
19
This Just in. The Payments Academy. PCI DSS Scoping
26
Happy May the 4th! halock.com/may-the-fourth-be… #maythe4thbewithyou #maythe4thbewithyou #maythe4th #maythefourth #cybersecurity #cybersecurityawareness #risk #grc

May the Fourth Be with You | Happy Star Wars Day

  Happy Star Wars Day - May the fourth be with you. Celebrate by protecting your data, terminals, code, and technology from bad slicers (hackers). Get your security awareness reminders for your teams...

halock.com
37
In 1 Week: April 27, 2023 PCI DSS v3.2.1 expires on March 31, 2024. Organizations should now be planning their transition to PCI DSS v4.0. 64 new requirements in PCI DSS v4.0, there is a lot to consider in preparation for the coming deadline halock.com/preparing-for-you… #PCI_DSS

Preparing for Your Transition to PCI DSS v4.0 Webinar - HALOCK

PCI DSS v3.2.1 expires on March 31, 2024. Organizations should now be planning their transition to PCI DSS v4.0. With 64 new requirements in PCI DSS v4.0, companies have a lot to consider in prepar...

halock.com
17
How far can the attacker go before being halted or contained by investments made into existing safeguards? halock.com/pen-test/penetrat… #assumed #breach #penetration_testing #controls #reasonable #DoCRA #cybersecurity #privacy #safeguards #vulnerability

Penetration Testing Assumed Breach - HALOCK

Assumed Breach Penetration Testing Testing frontline controls once breached. What is an Assumed Breach Penetration Test? HALOCK's Assumed Breach Penetration Test addresses what happens following a...

halock.com
39
Sensitive personal information must be protected from unauthorized access, use, disclosure, or destruction, and the law requires firms to take reasonable security measures to do so. eyeonannapolis.net/2023/04/d… #reasonable #security #cyber #data #risk #DoCRA #PIPA

Data Storage Compliance and Regulations: A Guide for Maryland Companies Navigating Data Privacy Laws

In today’s data-driven world, protecting private data has emerged as a critical concern for organizations of all kinds. To avoid fines, safeguard consumer confidence, and have a good image, b…

eyeonannapolis.net
19
Viviana Wesley of HALOCK Security Labs and Justin Evans of the University of Iowa will present at The Payments Academy Annual Conference on May 7-10, 2023, in Indianapolis. halock.com/halock-presenting…

HALOCK & PCI Compliance at The Payments Academy

Viviana Wesley of HALOCK Security Labs and Justin Evans of the University of Iowa will be presenting at The Payments Academy Annual Conference, held May 7-10, 2023, in Indianapolis, Indiana. Regist...

halock.com
35
Weee! is a food delivery service headquartered in Fremont California. The company made an announcement on its website that it suffered a data breach in February of 2023 that compromised the information of customers halock.com/sensitive-data-co…

Sensitive Data Compromised for Food Delivery Customers

Sensitive data Compromised in Breach for 1 million Customers using Food Delivery Service DESCRIPTION Weee! is a food delivery service headquartered in Fremont California. The company delivers food...

halock.com
49
Load more