Cyber Forensics: Collecting evidence for today’s data breaches

I will be presenting at the ISACA CPE & Social Event - Cyber Forensics & Cleveland Cavaliers vs. Miami Heat Basketball Outing today at 3:00 PM. The topic is "Cyber Forensics: Collecting evidence for today’s data breaches" and it should be an enjoyable talk. Many forensic techniques focus on obtaining data from local machines, servers [...]

March 20, 2013 |

Buying or Selling? An Investigation into Craigslist Scams

Eric Vanderburg It seems no matter where you turn, someone is waiting to rip you off.   Our inboxes drown in spam and phishing messages that attempt to discover bank account information or account credentials.  A large percentage of the banner ads on social networking sites advertise various get rich schemes designed to take money from […]

June 21, 2012 |

Developing a Security Oriented Corporate Culture – white paper

TCDI is pleased to announce the release of an important and timely white paper, “Developing a Security-Oriented Corporate Culture.” Organizations that do not develop a security-oriented corporate culture are risking fraud, loss or misuse of data, and even legal responsibility when information is compromised, according to the new white paper written by Eric Vanderburg […]

May 23, 2012 |

Risk Homeostasis and its impact on risk reduction

Eric Vanderburg Gerald Wilde had a theory called risk homeostasis.  This theory hypothesizes that people have a level of acceptable risk.  When they perceive that there is less risk, they will take more risky actions to bring them to an acceptable level and when they perceive more risk, they will be more cautious.  Information security […]

February 3, 2012 |

Is Your TV a Security Risk? Embedded Devices May be the Next Target.

Eric Vanderburg The latest televisions and Blu-Ray players come equipped with more than HD video and audio.  Internet access and a host of new applications are being built in to run directly on these “smart” TVs and DVD players.  A popular built-in feature is wireless access which enables the user to avoid plugging in an Ethernet […]

January 26, 2012 |

Information Security Compliance: ISO 27000

Eric Vanderburg The last two articles on compliance have covered the Health Insurance Portability and Accountability Act (HIPAA) and the ramifications of that bill on healthcare providers and business associates and the Payment Card Industry Data Security Standard (PCI-DSS) which provides guidelines for securely handling credit card and related personal data.  This article outlines the […]

December 7, 2011 |

Defending Against DDOS (Distributed Denial-of-Service)

Eric Vanderburg   The site is down!  These are haunting words for most businesses, and today’s topic: the DDoS (Distributed Denial-of-Service) attack. This particularly nasty type of attack attempts to disrupt the availability of systems by overwhelming servers, saturating bandwidth or through other techniques.  Your business is most likely heavily reliant upon specific systems and […]

December 1, 2011 |

Security and Compliance Synergies with DLP and SIEM

Eric Vanderburg   Data Loss Prevention (DLP) can greatly help organizations understand and control the data that is used, stored and transmitted and it is seeing increasing use in PCI-DSS compliance.  Another technology, Security Information and Event Management (SIEM), collects and analyzes data in real time from multiple sources including server logs, network devices, firewalls […]

October 12, 2011 |

Information Security Compliance: HIPAA

Eric Vanderburg   This is the first entry in a set of three blogs that deal with information compliance. We wish to provide corporations a guide that outlines which laws they are subject to and how to follow them properly.  In this particular blog we will discuss the Health Insurance Portability and Accountability Act (HIPAA). […]

September 8, 2011 |

Information Security Compliance: Which regulations relate to me?

Eric Vanderburg This entry is part of a series of information security compliance articles. In subsequent articles we will discuss the specific regulations and their precise applications, at length. These regulations include HIPAA or the Health Insurance Portability and Accountability Act, The Sarbanes Oxley Act, Federal Information Security Management Act of 2002 (FISMA), Family Educational […]

August 31, 2011 |

TCDI | Computer Forensics | Cybersecurity | Litigation Technology