

From a cybersecurity perspective, 2019 was a year of exuberant ups and catastrophic downs. As headline after headline showed, cybercrime is just a part of life now. So, how did what happened in 2019 change the cybersecurity landscape – and what does 2020 hold for us all?

New year, new… cybersecurity? The new year brings a lot more with it than just an increase in gym membership sign-ups. It will undoubtedly introduce new ideas, new trends, and, yes, new risks and regulations. So, what will our biggest challenges be in 2020?

Join GreyCastle Security’s Vice President of Services, Dan Didier, as he explores that question and dives into the trends you’ll want to watch for in the new year.


In this webinar, Pat Argyrakis, Security Strategist, will teach you how to walk, talk, and think like an ISMS Manager. She’ll take you through the journey of what you should be doing after the dust has settled, and explain why the Three C’s (Communicating, Celebrating, and Continual improvement) are essential to your organization.

We’ll be giving you practical aftermath secrets that will benefit you and your organization’s continued success.


Being an accountable organization means protecting personally identifiable information, health records, financial information, social security numbers, and a myriad of other data assets.

In order to effectively protect these assets, you need to align the gaps in your security program with security controls that are the best fit for your organization.

But how do you know what your gaps are or what tests and assessments need to be run? Gary Braglia explains the differences between vulnerability assessments and penetration testing, and why knowing the difference is crucial for your organization.


With compliance requirements that are ever-changing and an endless stream of vendor questionnaires stacking up in your inbox, it can be difficult to make cybersecurity strategy decisions.

Join GreyCastle Security's Director of Product Management, Wil Seiler, and Security Strategist, Pat Argyrakis, as they duke it out to see which compliance comes out on top: SOC 2 or ISO 27001.


You read our blogs. You attend our webinars. You "like" our posts on social media. But do you really know who GreyCastle Security is?

We invite you to join us as we lower the drawbridge and open the castle doors to give you an insider's look into who we are, what we solve, and how we're different.


When it comes to implementing technology within a healthcare organization, there are inherent risks as well as benefits. GreyCastle Security is here to diagnose and address those concerns while sharing how to build a treatment plan that strengthens the health and security of your organization today.

Join GreyCastle Security for this webinar where we will address the most common cybersecurity pain points facing healthcare and explore foundational controls.


Hackers know that contractors and other third-party providers can provide an opening into otherwise-secured corporate networks. How can you extend your internal security controls to your vendors and help reduce your organization's risk?

Security Strategist, Daniel Gibson, gives an in-depth look into vendor risk management: how to get started, the challenges, what to avoid and what to expect when tackling a vendor risk management program.


You wouldn’t build a house without a foundation, so why are you building a cybersecurity program without data classification?

In this webinar, VP of Services, Dan Didier, demystifies data classification, explores barriers to implementation, and demonstrates how performing this foundational process can save your business time, money, and energy.


You need an awareness program designed for long-term results. Runners don’t wake up one day and say, "I'm going to run a marathon." Your cybersecurity awareness program is going to require the same drive and dedication.

Join Brian Murphy, Security Specialist at GreyCastle Security, as he shares the tips, tricks, and best practices we use to transform corporate citizens into cybersecurity Olympians.


Derek Loonan, Senior Security Specialist, demystifies risk management 101 and provides attendees with practical tactics focused on risk mitigation, a simple eight-step process for managing risk, and effective methods for complying with HIPAA, HITECH and healthcare security standards.


Imagine this scenario: your computer has been infected with malicious software that has stolen your credit card and banking information – and now it is actively spreading across your network, infecting every system that it can access.


One of the biggest factors when choosing a vendor or strategic partner is their cybersecurity program.

Join GreyCastle Security as we demystify obtaining a clean SOC 2 Type 2 Report which will lead to measurable ROI through your cybersecurity investments.


In this webinar, Dr. Bertine Colombo McKenna, FACHE, Executive Healthcare Advisor for GreyCastle Security and former Healthcare Executive, will examine the Task Group’s newest report and how healthcare organizations can obtain positive outcomes through information security.

Brian Didier, Security Specialist at GreyCastle Security, will join Dr. McKenna to break down the most common cybersecurity threats healthcare providers face today and how to avoid them.


Cybersecurity is not just an "IT" issue – it affects the overall health of your business. But does your current budget reflect that? You need a supporting cybersecurity budget that allows you to address common business concerns.

Join Paul Robinson, Cybersecurity Solutions Advisor, as he identifies what it really means to have a purposeful cybersecurity budget.


Join F. Paul Greene, Partner at Harter Secrest & Emery, and Dan Didier, Vice President of Services at GreyCastle Security, for a timely update to get real-world insight on a new attack surface that is subject to exploit: student, applicant, and alumni data maintained on SaaS platforms.


Utilizing a framework can help your higher education institution address common business risk concerns.

Senior Security Specialist, Barry Hofecker, takes attendees through the benefits of having the NIST 800-171 framework as the foundation of your cybersecurity program.


ISO 27001 can be frustrating and the clausal information can be very non-prescriptive.

Wil Seiler, Director of Product Management at GreyCastle Security, breaks down how ISO 27001 compliance can help your bottom line.


Join GreyCastle Security to understand how to get back to the basics and make cybersecurity a tool that everyone in the company understands, trusts and relies on to effectively manage risk.

Listen to GreyCastle Security's Vice President of Services speak on the six key steps to building your own Next-Gen Cybersecurity Program.


GreyCastle Security identifies and demystifies seven of the top misconceptions about cybersecurity.

Join GreyCastle Security's Cybersecurity Solution Advisor Paul Robinson and Director of Business Intelligence Sean Phillips as they guide attendees on how GreyCastle Security defines industry standards.


Incident Response and Digital Forensics, for the most part, have differing phases, objectives, and goals.

However, they need to complement each other, not only to provide answers but also to give insight into preventing recurrence of the security incident.

Senior Security Specialist, Adam Dean, walks attendees through how they work together during a security incident.


GLBA compliance is not a new concept.

Would your risk assessment make the grade? Do you need to prepare for GLBA audits?

Join GreyCastle Security's Vice President of Services to learn about why the risk assessment process must be run by the business.


2019, like years past, has been one of exuberant ups and catastrophic downs. Cybersecurity is still a fledgling industry with a penchant for entropy and a flair for hype. And an endless supply of radically disparate statistics from all corners of the industry proves only one thing - we're still in survival mode.

So what will our biggest challenges be in 2019?


Money is missing, malware is exploding and the clock is ticking. In the new cyber environment, you're either failing to plan or planning to fail. This webinar will focus on one of the most critical elements in any Incident Response process - the Incident Response Go Bag.

Join GreyCastle Security as we journey into the heart of the first response and the tools and techniques that all responders should have ready to go.


Does the upcoming GLBA audit have your institution in a panic?

This is the perfect time to verify that you meet all the requirements. Would your risk assessment make the grade? What about your training program? What type of evaluation of your third-party service providers do you need and how should you document it?

The GLBA Safeguards Rule covers all of these items.


It's essential to make your employees aware of the latest threats and cybersecurity best practices for protecting themselves and your business. However, awareness is not a "one and done" event; it is a continuous process of learning and adjusting.

In this webinar, you'll learn how to develop a cybersecurity awareness training program, how to get buy-in from executives and management, and how to reinforce cybersecurity training with employees.


Unfortunately, when it comes to ISO 27001 certification, timelines for compliance can be truncated by external deadlines from third parties.

In this webinar, GreyCastle Security will help you learn how to respond to, or see, the quickest path toward ISO 27001 certification.


Studies show that there are nearly 500,000 open cybersecurity positions in the United States, a 5,000% increase from 2010.

By "virtualizing" your cybersecurity function, you can expand your existing team with experts, when you need them. All for the price of a single cybersecurity resource.

Join GreyCastle Security as we introduce the next-generation concept of cybersecurity program "virtualization" and the benefits that it offers.


Based on recent high profile breaches, hackers have learned that contractors and other third-party providers can provide an opening into otherwise-secured corporate networks.

You’ve spent time, money and energy securing your organization internally, only to have the back door wide open.


If you are among the 60-75% of organizations that have been recently surveyed and are not in compliance with GDPR, you are probably facing a bevy of concerns.

GreyCastle Security’s Senior Security Specialist, Sarah Cushard, will help you respond to privacy requests and take the quickest path toward realistic GDPR compliance.


You're storing and transmitting everything from educational records and medical records to PII and credit card data.

Let's face it - your organization is a big target.

There are threats from external attackers, malicious insiders, unaware and apathetic employees - and you want to understand how prepared you are. But not all pen tests are created equal.


While the cloud offers very real and measurable benefits, it also requires new thinking about the associated cybersecurity risks.

This session will provide recent real-world experiences with cloud providers and discuss important considerations for utilizing this new architecture. Case studies will be presented, and attendees will walk away with actionable advice for managing risk in their cloud(s).


Attorney F. Paul Greene and GreyCastle Security's Security Strategist and Practice Lead, Candice Wold, will guide attendees on developing a realistic approach to the timeline, as well as identify how current requirements from standards such as ISO 27001:2013 and Privacy Shield may affect your organization’s adherence to GDPR.


Being able to respond efficiently and effectively to ransomware can make the difference between survival or getting chewed up and spit back out.

Although ransomware typically targets only a single user, attackers are learning different distribution and infection methods that can take your organization down for days, weeks, or potentially months.


GreyCastle Security will cover the standards for risk assessment that work for almost all regulatory and compliance requirements.


When it comes to your health, preventative care is always the better option. Even though you can’t know when a heart attack or stroke will strike, there are many different things you can do to lower your risk.

It's the same concept with cybersecurity. Preventative measures will lower the probability of a breach. If ignored, the result can deeply impact your organization's reputation and finances.


GreyCastle Security will provide much-needed information and a no-nonsense guide on ISO 27001:2013 certification.

Learn how you can build an efficient, cost-effective and meaningful cybersecurity program.


GreyCastle Security will explore the hidden risks and the response planning tactics that will help ensure your organization isn’t the next victim of cybercrime.


The New York State Department of Financial Services (DFS) recently proposed a cybersecurity program for regulated organizations including banks and insurance companies. This requires regulated entities to establish and maintain a cybersecurity program to protect consumer information.