Call us at 507.319.5206

Botz Security Bytes Newsletter — October 2016



Solving information security problems                          October 2016



Cybersecurity Law for Financial Institutions: First of its kind in the

New Regulation

October 24, 2016 — Security experts like me have been harping for years that information security requires an ongoing business process.


It must be supported and championed by the highest levels of leadership in the organization. It must include identification of threats and vulnerabilities, plus written policies that are implemented effectively and efficiently and periodically reviewed. 


Well, the state of New York is set to enact these “recommendations” into law for insurance companies and financial institutions.


On September 13, 2016, the Governor and the state’s Department of Financial Services proposed a set of cybersecurity regulations. At that time, it entered a 45-day public comment period, after which it will become law...




Are Password “Best Practices”




Believe it or not, some commonly accepted password best practices are probably counter-productive for security in the real world!


As is true for (surprisingly) much in information security, best practices for passwords are based primarily on the “most popular” practices in use rather than on scientific evidence generated from real-world scenarios.


In other words, many of the most popular practices are based on nothing more than intuition.


Recently, a peer-reviewed research paper.....







Virtual CISO 
"Fractional CISO" services are a practical way for small to mid-sized organizations to stay on top of complex IT security requirements.  For networks that include IBM i servers, you can't beat the monthly Botz TeamSecurity Virtual CISO service. Take a proactive stance on securing your systems and never again face audits or new compliance mandates alone.





Hacked Cameras, DVRs Powered Today’s Massive Internet Outage
We've heard for a few years now that the "things" on the "Internet of Things" have big-time security problems. We just got another example of what those problems entail. This analysis provides some of the first insight into how this happened.


Spreading the DDoS Disease & Selling the Cure
A story related to the one above, written 2 days before the attack happened.


7 Ways Electronic Voting Systems Can Be Attacked
Voting machines aren't connected to the Internet at the time of voting, so many of the attacks some may envision aren't possible. However, there are other ways to attack the integrity of the vote. This article covers a few of the potential vulnerabilities.


Russian Indicted for Breach of 3 Silicon Valley Companies
A 29-year-old Russian was indicted by a federal grand jury in Oakland, CA, for attacks against LinkedIn, Formspring and Dropbox.



BOTZ & Associates, Inc.    |    Rochester, MN 55903    |    1.507.319.5206