The top cyber security threats your organization may encounter in 2019 The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the… Read More
As the popularity of medical IoT devices grows, so do security vulnerabilities. There are more connected devices than there are humans on Earth. Organizations have been as quick to embrace the Internet of Things as consumers have, and the healthcare industry is no exception. Medical IoT devices have exploded in popularity and grown in complexity.… Read More
Penetration tests and vulnerability scans are related but different cyber security services The difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the… Read More
Before you send out that next email marketing blast, make sure you’re compliant with the EU GDPR Email marketing is big business. MarTech Advisor reports that it is the best-performing channel for a company’s ROI, and 61% of consumers prefer to receive offers via email, as opposed to only 5% who prefer social media offers.… Read More
The Under Armour breach provides lessons in the do’s and don’ts of enterprise cyber security and compliance with the EU GDPR Last week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach… Read More
This Year’s Crop of Tax Phishing Scams Target Individuals, Employers, and Tax Preparers Tax season is stressful enough without having to worry about becoming the victim of a cyber crime. Here are three different tax phishing scams targeting employers, individuals, and even tax preparers that are currently making the rounds. Employers: W-2 Phishing Emails The… Read More
Two new reports illustrate the threat of employee carelessness and maliciousness to healthcare data security Healthcare data security is under attack from the inside. While insider threats – due to employee error, carelessness, or malicious intent – are a problem in every industry, they are a particular pox on healthcare data security. Two recent reports… Read More
Comprehensive anti-harassment policies are even more important in light of #MeToo movement The #MeToo movement, which was birthed in the wake of sexual abuse allegations against Hollywood mogul Harvey Weinstein, has shined a spotlight on the epidemic of sexual harassment and discrimination in the U.S. According to a nationwide survey by Stop Street Harassment, a… Read More
Mueller indictments of Russian cyber criminals put election hacking at top of mind State officials expressed grave concerns about election hacking the day after Special Counsel Robert Mueller handed down indictments of 13 Russian nationals on charges of interfering with the 2016 presidential election. The Washington Post reports: At a conference of state secretaries of… Read More
Crypto-Mining Malware is Crippling Enterprise Networks Cryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICO’s and cryptocurrency exchanges, they’re using… Read More
New data breach notification regulations aren’t a matter of if, but when The U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to investors as… Read More
Cyber Security Tips for 2018 and Beyond Now that the year is coming to an end, all eyes are on what’s possibly around the corner. More attacks on cryptocurrencies? An escalation in attacks by state-sponsored cyber criminals? Chaos as the EU’s GDPR is implemented? In cyber security, only one thing is certain: It’s a continuous… Read More
Gartner Is Shifting Its Focus Toward IRM, and You Should, Too Over the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes… Read More
FISMA vs. FedRAMP and NIST: Making Sense of Government Compliance Standards FISMA, FedRAMP, NIST, DFARS, CJIS, HIPAA … Government compliance standards can seem like a veritable alphabet soup. Making matters even worse, a lot of them overlap, and many organizations aren’t certain which standards they need to comply with. Even if your organization does not… Read More
Hacks in the City: Latest in String of HBO Hacks Targets Company’s Social Media Accounts HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of upcoming HBO series… Read More
A new report by a cybersecurity firm shows Arizona businesses lead the nation in malware detections. Malwarebytes examined data from its client companies with fewer than 1,000 employees. In the first quarter of this year, Malwarebytes found incidents in Arizona increased 1,332 percent compared with the same period a year earlier. “It’s really malicious software that’s been… Read More
White-Hat Hackers Are Already Being Caught in the Cryptocurrency Regulation Net Cryptocurrencies have long been associated with cyber crime. The cryptocurrency Bitcoin was the de facto currency of the notorious online black market Silk Road, it remains the preferred payment method on the Dark Net, and the majority of ransomware attacks, including WannaCry, demand payment… Read More
If you are in need of a HIPAA compliant Business Associate Agreement (BAA), we can provide one to you for free. Create an account in the ITAM demonstration system and subscribe to the HIPAA Business Associate Contract. After answering a few simple questions you will be able to immediately download a perfectly prepared HIPAA Business… Read More
Back to School: Education Cyber Security K-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as other industries, as these recent incidents illustrate: In November 2016, Columbia County School District in Georgia admitted to a breach of personal information belonging to its employees and… Read More
“The dreams I have today become my blueprints for tomorrow.” Michael Peters
I recently had the pleasure of visiting the Office Pile and being interviewed by the inimitable Francisco X. Aguirre. We had a great time discussing cyber security and the little know origins of the company name Lazarus Alliance. Entrepreneurs ‘N Fuego, a project of The TOP Foundation, a non-profit organization, is the First Multimedia Broadcast… Read More
Free HIPAA Awareness & Compliance Survey If you are in the healthcare business you have HIPAA compliance requirements to adhere to. Maybe you are not aware of what they or maybe you just want to gauge your organization’s readiness prior to seeking professional help? The good folks over at Continuum GRC have provided a short… Read More
“The spirit of innovation or the ability to innovate are not attributes a person makes a conscious decision to possess but rather they flow from the intellectual wellspring we are born with.” – Michael Peters