As a Chief Security Officer, Chief Information Security Officer, Chief Information Officer, Chief Privacy Officer and career technology practitioner, this category focuses on relevant material and information.
Coronavirus-related Phishing Scams and Attacks on the rise Cybercriminals have been taking advantage of the coronavirus outbreak to target people with phishing scams and malware in the guise of information relevant to the disease. These attacks typically take the form of malicious apps, phishing emails, and phony websites. In addition, the US government has been… Read More
The Evolving Need for PCI DSS Compliance. The current COVID-19 pandemic has dramatically accelerated a trend that was already on the rise — a move toward many new forms of electronic payment that involve capturing and transmitting credit card data. Businesses have moved online-only transactions during this crisis, and many consumers don’t want to handle… Read More
NIST proposes a Secure Software Development Framework to address software supply chain attacks Applying software updates and patches as soon as possible is a cyber security best practice, but what if an update contains malicious code inserted by a hacker? Software supply chain attacks are a serious and growing problem for both private-sector organizations and… Read More
Ransomware-as-a-service lowers the bar for entering the entering the cyber extortion game Ransomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the… Read More
Malicious browser extensions can steal credentials, cryptocurrency, and more From blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security – usually for free. However, browser extensions need a wealth of access permissions to operate, including… Read More
Hacks in the City: Latest in String of HBO Hacks Targets Company’s Social Media Accounts HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of upcoming HBO series… Read More
In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cyber security threat – and healthcare cyber security in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees,… Read More
Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More
Defeating Cyber Security Deficits with a 1-2 Punch Steve Morgan, a professional acquaintance who writes about cyber security for Forbes published One Million Cybersecurity Job Openings In 2016 and revealed some jaw-dropping statistics concerning the growing deficit in hiring qualified cyber security employees. To make matters worse, this chasm is exacerbated by the explosion of… Read More
Why are data breaches escalating? Could it be that this problem threatening business and consumers alike is directly related to service auditors and security assessors are still using the same audit and assessment tools again this year? Data breaches are escalating and the technology your service provider is using and the way they conduct assessments… Read More
We get it. We completely understand why you still use Excel as an assessment and audit tool. We suffered through it just the same but we believe that working smarter and not harder which is why we invented ITAM. The IT Audit Machine (ITAM) is the patent pending, industry changing assessment questionnaire creation tool designed… Read More
2014 Data Breaches by Industry With the holiday season upon us, much attention turns to the retail sector, which is expected to see unprecedented activity as shoppers in a strengthening economy take advantage of seasonal deals and yet-further-expanded shopping hours. However, overshadowing the energy of the holiday shopping season, the specter of data breaches past… Read More
Secure in 60 Seconds While you slip into that Thanksgiving Day coma, take 6o seconds to beat holiday crime and stay secure. Nearly half of holiday shopping this year will be done through online merchants; about 46 percent according to the National Retail Federation. That is up slightly from last year and is another sign… Read More
How do you quantify the true cost of a data breach? How do you measure the costs against the benefits of eliminating risks, mitigating risks or accepting risks to your business effectively? The Lazarus Alliance executive leadership team has been the proverbial tip of the spear within the proactive cyber security realm well before there… Read More
While United Airlines grounded their entire fleet and the Wall Street Journal was off-line and the New York Stock Exchange could not conduct trading yesterday for an extended period of time, they all have stated that they were not under a cyber attack. I do not believe in coincidences! Apparently I am not alone with this sentiment.… Read More
The Proverbial Identity Theft Bus Will Run You Over! Think about a time when you had a single credit card lost or stolen and how much of a pain that experience was. Now imagine if your entire wallet was lost or stolen and the exponential magnitude of pain in the patootie that would be for… Read More
Federal cyber security breach has left millions of American citizens as casualties. Lazarus Alliance responds with proactive cyber-crime prevention. Lazarus Alliance ups the ante with proactive cyber security weapons in the corporate arsenal to fight cybercrime, corporate fraud, espionage and criminal cyber-misconduct. The egregious revelations following this security breach is that the Office of Personnel… Read More
2015 State-by-State Data Breach Charts The following standard definitions of Personal Information and Breach of Security (based on the definition commonly used by most states) are used for ease of reference, and any variations from the common definition are noted: Personal Information: An individual’s first name or first initial and last name plus one or… Read More
I’m honored to be invited to EC-Council’s TakeDownCon keynote speaker for the 2015 event. TakeDownCon brings together information security researchers and technical experts from corporate to underground industries, to a unique “Ethical Hacking” conference. In two days, they will present and debate the latest security threats, disclose current vulnerabilities, and share information crucial to the… Read More
Recently Michael Peters, CEO of Lazarus Alliance, spent time with David Cogan of Money Radio and eLiances discussing the differences between proactive cyber security and reactive cyber security. You can replay the broadcast as heard on money radio. An overview of the discussion was when you think cyber security, what comes to your mind first? I’ve… Read More
With a show of those virtual hands, who has been notified by their credit card company about their personal information being exposed to cyber-crime? Now, with a show of those virtual hands; who has never been notified? If you think the problem is that cyber criminals are too good; you are mistaken. The problem is… Read More
If you think that the business general liability or even purpose built cyber insurance policies will cover you in the event of a cyber-security breach, it’s highly likely you are mistaken. In fact, it is in your carriers best business interest to deny your claim. Chances are the exemptions in your policy exclude coverage for… Read More
It’s always rewarding when your work and accomplishments are recognized especially when it comes without warning. Like I tell people, “You never know when you are auditioning!” The message from CIO Review included: CIO Review : Lazarus Alliance has been shortlisted for 20 Most Promising Capital Market Technology Solution Providers In the last few months… Read More
Cyber-crime is largely a crime of opportunity. Just like a burglar cases the neighborhood looking for easy pickings. Cyber-criminals case the Internet looking for victims who make it easier to steal from them, the companies they lead or belong to. By adhering to the Security Trifecta® and implementing a proactive cyber security strategy based in… Read More