Author: seth

The Garland Group is a rather small operation, consisting of only 14 employees. You’d think that with just more than a baker’s dozen of people on board, we’d do “business as usual,” but we’re actually doing the very opposite. Our CEO, Brad Garland, has a knack for pushing the envelope a bit, especially in this industry. He’s always looking for ways for us to be better than we were the day before, and do things more helpful and meaningful for ourselves and our industry.

Wells Fargo implemented their Continuous Auditing process in 2001 and since then has continued to develop its program with tangible ROI: “$400,000 in travel expenses reduced annually and 23,500 budgeted hours reduced annually” Recently we had a chat with Erica Ocana-Smith Senior Audit Manager of Wells Fargo and she shared a few nuggets with us on how they changed their culture.

“My voice is my passport, verify me.” Quick, name the movie that’s from…. That phrase was used as a voice identification password in a movie a few years back, and it’s stuck with me. Passwords are interesting things in and of themselves, we rely on them so much for our digital lives that the very complex and nebulous world of information security is often boiled down into the simplistic rule of good security equals good passwords. But is that all there is? Is your online banking account secure if you use W+UwRe!AYach3su* as your password? Sure it is, unless your spouse, your child, or someone other than you, and only you, have access to it. This is one of the areas where there is so much confusion, most of it generated by ill given advice on account management, it creates a less secure environment while making the user think they are doing exactly the opposite. Like spotting counterfeits, it’s easier to see the pitfalls if you look at correct examples first, so here’s a few rules of thumb that can get you started.

Years ago in my IT capstone class we learned that you can’t manage what you can’t measure. This ultimately led us to cram, yes cram the Zachman’s framework to regurgitate it on our test. Shhhh don’t tell my professor. Despite the cramming something obviously stayed with me. That is that even though our threats, risks, and IT security issues have escalated, when we’re managing IT security we must consider every segment of the enterprise. I dare say collaboration.

This guest post is written by Paul Reymann, CEO and founder of the Reymann Group. He is one of the nation’s leading regulatory experts and co-author of Section 501 of the Gramm-Leach-Bliley Act Security rule. He is also the author of numerous articles and papers on technology risk, transactional web sites, customer information, network security and other technology and safety and soundness topics.

Coming from a corporate work environment with 9-5 hours, you become programmed to work these hours. Time off for appointments & kid functions seemed impossible from your micro-managing boss. It was like living in a real life “Office Space” environment. I was successful at my job, but I felt that my family suffered because of it.

From Bank Systems and Technology Online Web Site:

From Westlaw to Word, your law firm’s digital operations help advance client interests. While you work to protect your clients in the courtroom, clients are increasingly asking whether you also protect their data in the cyber arena. Law firm data presents a lucrative target – law firms are often viewed as “one-stop shops” for attackers – with sensitive information on multiple clients. As news of the latest data breach continuously captures headlines, law firms and their clients want assurance that data protection policies and procedures exist, and more importantly are being followed. Organizations ranging from government entities to fortune 100 companies are looking to see that an independent third-party has recently completed a cybersecurity audit before engaging in legal or business transactions.