05

Mar 2019

Sword & Shield Recognized for Managed Security Services Expertise

Nationally recognized cybersecurity firm makes list of 100 top managed security service providers in the country. Knoxville, Tenn. March 5, 2019 –  Sword & Shield Enterprise Security, a leading national cybersecurity firm based in Knoxville, Tennessee, announced today the company has been named to the CRN® 2019 Service Provider (MSP) 500 list in the Security 100 category highlighting companies with managed security services expertise. CRN,...

Read More


20

Feb 2019

How Do I Know If I Have to Be PCI Compliant?

Payment Card Industry compliance is intended to make credit and debit card transactions more secure and to protect cardholders against misuse of their personal information. This article explains who must be PCI compliant, the levels of compliance, the role of PCI experts, and the types of reporting that must be completed. What is the PCI DSS Standard? The PCI Data Security Standard (PCI DSS) is a...

Read More


12

Feb 2019

Phantom Users: Deception and Pass the Hash Attacks

Deception in cyber defense Using deception in cyber defense isn’t a new concept. Honeypots, computers with false data designed to have vulnerabilities to lure attackers to keep them occupied, have been around since before the turn of the century. Honeynets, networks of honeypots intended to mimic a legitimate network, were not far behind. By providing some “low-hanging fruit” for attackers to spend their time on,...

Read More


06

Feb 2019

In-House SOC or MSSP?

With every study and high-profile data breach publicized, it becomes more apparent that companies need to make protecting their systems more diligently. This leads to the question of whether an organization should go with an in-house SOC or MSSP (managed security service provider). In this article we will discuss considerations for each. Is My Organization at Risk of Cyber Attack? A survey conducted by KPMG...

Read More


31

Jan 2019

How Managed Security Can Help Reach PCI Compliance

The PCI DSS standard is designed to ensure the security of credit card data. Any organization that stores, transmits, or processes credit card information must comply with the requirements of the PCI DSS standard. The organization must pass third-party audits designed to test this compliance. What Do I Need to Do for PCI Compliance? In order to be compliant with PCI DSS, an organization needs...

Read More


22

Jan 2019

Implementing Defense in Depth in the Cloud

Many companies assume their cloud vendor is responsible for and has adequate tools, policies and procedures in place for protecting the data with which they are entrusted. While this is true to some extent, consumer data protection laws such as GDPR hold the owner of the data responsible if the cloud service is compromised. “Using cloud services does not transfer the company’s risk to the...

Read More


16

Jan 2019

Should I Go Through HITRUST Certification Even If It’s Not Required?

The HITRUST CSF is a set of security controls designed to help organizations that work with sensitive healthcare data to become more secure. Since HITRUST is gaining traction, many organization decision makers are asking the question, “Should my company go through HITRUST certification even though we’re not required to do so?”. This article explores what it means to be HITRUST certified and the benefits of...

Read More


07

Jan 2019

Introduction to the MITRE ATT&CK Framework

What is the MITRE ATT&CK Framework? MITRE’s Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) framework is a collection of information about advanced persistent threats (APTs) that commonly target enterprise networks. The goal of the framework is to collect all relevant and available information about these groups and organize it in a way that makes it accessible and usable for enterprise security teams. The framework was...

Read More


02

Jan 2019

What You Need to Know About HIPAA Risk Assessments

The Health Insurance Portability and Accountability Act (HIPAA) describes how organizations that store, process, maintain, or transmit Personal Health Information (PHI) must handle this sensitive information. HIPAA is comprised of the Privacy Rule, the Security Rule, and the Breach Notification Rule which collectively mandate how patient privacy should be ensured and how the sensitive health data should be protected. One component of HIPAA is the...

Read More


17

Dec 2018

Sword & Shield Announces HIPAA Compliance Case Study

Award winning national information security and compliance firm helps company gain confidence in bidding for new contracts KNOXVILLE, Tenn. December 17, 2018 – Sword & Shield Enterprise Security, a leading national cybersecurity and compliance firm headquartered in Knoxville, Tennessee, announced today the release of a new HIPAA compliance case study. The case study documents how CTS Software, the developer of TripMaster, enlisted Sword & Shield’s...

Read More



Page 2 of 1712345...10...Last »