Cyber Security

Security convergence is the consolidation of traditionally disparate risk management spheres of influence, Physical Security, Information Security and Compliance into a unified view of risk. Find Out More.

Compliance

We maintain extensive partnerships with regional accounting and audit firms. Find Out More.

NESP_Color

New England Safety Partners helps small and medium sized business with comprehensive Risk Management services in cyber securityphysical security and compliance management.

Please contact us for details. 

****

Proud Sponsor of the Boston Chapter of InfraGard

ig_logo

NESP consultants had a very thorough understanding of the PCI-DSS requirement. (The word ‘encyclopedic’ comes to mind.) This was very helpful in areas where the written standard leaves room for interpretation. In those situations, they helped us to assess our risk and to develop practical solutions.

They brought strong operating systems and networking expertise. They quickly earned the respect of, and collaborated effectively with, our technical staff. Consistently their recommendations were technically sound.

Information Security Staff Member, Large University

Working with technology and people can be messy and a sometimes befuddling proposition. NESP exercised effective people skills in balance with deep understanding of project technical issues to yield positive results for ITG.

CEO, Interactice Tactical Group

NESP was a strong business partner on information security issues particularly as they related to our employees, data security, data access and data controls. They were instrumental in putting a robust information security program in place for the organization, and for educating senior management on the criticality of security awareness. They demonstrated strong technical expertise, but also had the ability to align with business demands/appetite.

VP HR, Property and Casualty Insurance Company

Your Hump Day Reading List for October 17, 2018

More great defensive preparedness articles for you this week! 
 
Making your home into a fortress (?)
I’ll acknowledge that the author of this article goes a little over the top at times, and that I think his mania for protecting his identity is a little silly in this day and age, but his article has some excellent  information and looks at the topic in a logical, organized manner. It’s well worth reading.
 
You’re ready — but what …

The post Your Hump Day Reading List for October 17, 2018 appeared first on www.GrantCunningham.com.

read more

The critical skill no one teaches

The ability to judge risk is critical to the long game of self defense. (As it happens, it’s also critical to efficient preparedness, investing your retirement funds wisely, and the choice between flying or driving to your vacation destination.) Yet, despite its importance, it’s very rarely talked about — especially in the self defense community.
“You never know where evil will strike!”
While it’s true that evil can strike anywhere, anytime, the reality is that it strikes more often …

The post The critical skill no one teaches appeared first on www.GrantCunningham.com.

read more

Supply Chain Security 101: An Expert’s View

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We  talked at length about many issues, including supply chain security, and I asked Sager whether he’d heard anything about rumors that Supermicro — a high tech firm in San Jose, Calif. — had allegedly inserted hardware backdoors in technology sold to a number of American companies.

read more

Patch Tuesday, October 2018 Edition

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available.

read more

Your Hump Day Reading List for October 10, 2018

I’ve got another great selection of articles for you this week! 
 
This happens too often, and I’m tired of it
This one happened last July; yesterday I read of a 3-year-old who died when he got hold of an unsecured firearm. Too many kids are dying from accidental gunshots, and we as responsible gun owners need to be at the forefront of reducing them.
It’s simply not responsible to leave a firearm anywhere it can be accessed by …

The post Your Hump Day Reading List for October 10, 2018 appeared first on www.GrantCunningham.com.

read more

Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

read more

Naming & Shaming Web Polluters: Xiongmai

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

read more

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation alleging that Chinese cyber spies had used a U.S.-based tech firm to secretly embed tiny computer chips into electronic devices purchased and used by almost 30 different companies. There aren’t any corroborating accounts of this scoop so far, but it is both fascinating and terrifying to look at why threats to the global technology supply chain can be so difficult to detect, verify and counter.

read more

Your Hump Day Reading List for October 3, 2018

It’s the first Wednesday of October, and I’ve got some great defensive preparedness articles for all areas of your life. (Oh, and one article about an idiot with a gun that we should all avoid emulating!)
 
Need some help prioritizing your preparedness?
If you’re having trouble deciding what to do first, one approach is prioritizing based on scope of impact. It has the advantage of helping you “group” your activities and purchases to ensure you’re focusing on what’s …

The post Your Hump Day Reading List for October 3, 2018 appeared first on www.GrantCunningham.com.

read more

When Security Researchers Pose as Cybercrooks, Who Can Tell the Difference?

A ridiculous number of companies are exposing some or all of their proprietary and customer data by putting it in the cloud without any kind of authentication needed to read, alter or destroy it. When cybercriminals are the first to discover these missteps, usually the outcome is a demand for money in return for the stolen data. But when these screw-ups are unearthed by security professionals seeking to make a name for themselves, the resulting publicity often can leave the breached organization wishing they’d instead been quietly extorted by anonymous crooks.

read more