Cyber Security Due Diligence Has Become a Fundamental Part of M&A Transactions Data breaches and a failure to comply with governmental and industry standards can impact a company in many ways, as Yahoo is finding out the hard way. The company’s recent disclosure of a massive data breach, which resulted in 500 million user accounts… Read More
IoT Cyber Security Issues Could Stall Self-Driving Cars
How quickly self-driving cars roll out is dependent on the industry addressing some very serious IoT cyber security issues. Now that Uber has commenced a pilot test of driverless vehicles in Pittsburgh, and competitor Lyft has predicted that most of its cars will be driverless by 2021, self-driving cars are what everyone is talking about.… Read More
The NSA Hack and the Sorry State of Cyber Security
The NSA Hack Proves that Much More Needs to Be Done to Protect Enterprise Data In the hit USA Network series Mr. Robot, a rogue group of hacktivists target major corporations and the government. In a recent episode, the group enlisted the help of a malicious insider to hack the FBI. Sound far-fetched? Maybe not:… Read More
PCI DSS Compliance Alone Won’t Protect Your Customer Data
PCI DSS compliance is serious business for anyone who processes or accepts major payment cards. Retailers or payment processors who are found to be in violation of PCI DSS can be fined millions of dollars, and they may even be stripped of their ability to accept major credit cards. However, PCI DSS compliance standards are… Read More
Is Cloud Computing Really Secure? A Pragmatic Approach
Is Cloud Computing Really Secure? A Pragmatic Approach Considering Cloud Computing? So, you are making plans to move into cloud computing and are considering your options offered by the plethora of providers out there but you have questions and concerns. Congratulations! The bottom line up front is yes, cloud computing can be very secure. You… Read More
Where’s the Data Security? Wendy’s Data Breach Bigger than Originally Thought
Wendy’s Data Breach: Forget the beef, where’s the data security? The Wendy’s data security breach, news of which first broke in January, is much worse than the fast-food company originally thought. Wendy’s first reported that the POS system breach impacted only about 5% — or approximately 300 – of its franchise-owned restaurants. However, after allegations… Read More
Continuum Clarifies What SSAE 16 Compliance Means
When contracting with a service provider, such as a data center, it is important for companies to ensure that their provider possesses the cyber security-related certifications and compliance standards that are applicable to the company’s industry. Data centers, as well as service providers who contract with data centers, sometimes claim to be “SSAE 16” certified.… Read More
POS Data Security an Issue for Fast-Food Kiosks
POS Data Security? The next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising… Read More
POS Data Security an Issue for Fast-Food Kiosks
POS Data Security? The next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising… Read More
Spear Phishing: Don’t Take the Bait!
Following a string of high-profile incidents that began earlier this year, the healthcare industry has been highly focused on preventing ransomware attacks. IoT security has also emerged as a growing concern. However, healthcare organizations (as well as businesses in other industries) cannot afford to ignore another growing threat: spear phishing. Like regular phishing, spear phishing… Read More
IoT Security: Medical Devices Are the Next Target for Hackers
Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken… Read More
IoT Security: Medical Devices Are the Next Target for Hackers
Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken… Read More
5 Tips for Healthcare Cyber Security
In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cybersecurity threat – and healthcare cybersecurity in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees, ransomware attacks… Read More
The Citadel Breached – The Cyber Security Act of 2015
Continuum GRC unveils the next generation of cybercrime prevention for organizations with NIST and SEC, NFA compliance requirements in concert with the Cybersecurity Act of 2015. Continuum GRC released the next generation antidote to fight cyber crime, compliance failures, corporate fraud, and criminal cyber-misconduct with the IT Audit Machine (ITAM IT audit software. Considered to… Read More
Ransomware Attacks Show that Healthcare Must Take Cybersecurity Seriously
In a previous blog, we provided a primer on HIPAA compliance and discussed the importance of complying with this complex federal law, which is geared toward protecting patients’ private health information (PHI). While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA, a new threat has emerged and is poised to become much… Read More
What is PCI DSS Compliance?
Confused about PCI DSS compliance? This article will explain PCI DSS and the importance of complying with this important information security standard. What is PCI DSS? PCI DSS stands for the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI DSS is a proprietary information security standard that was established in 2004 by the… Read More
What is HIPAA Compliance?
Confused about HIPAA and HIPAA compliance? This article will explain HIPAA and the importance of complying with this complex federal law. What is HIPAA? HIPAA is the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President Bill Clinton. The HITECH Act, which was signed by President Obama in 2009,… Read More
What is HIPAA Compliance?
Confused about HIPAA and HIPAA compliance? This article will explain HIPAA and the importance of complying with this complex federal law. What is HIPAA? HIPAA is the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President Bill Clinton. The HITECH Act, which was signed by President Obama in 2009,… Read More
Hooray for Hollywood! – Hackers Hold Healthcare Hostage
Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More
Security audit done the same old way?
Still doing security audit and compliance assessments the same old way? The definition of insanity is doing something over and over again and expecting a different result. Data breaches are occurring at an alarming and escalating rate despite the traditional assessment methodology and tools. It’s time to shake up and wake up the cybersecurity industry… Read More
Why Excel is so Old-School and how to be Cool-School
We get it. We completely understand why you still use Excel as an assessment and audit tool. We suffered through it just the same but we believe that working smarter and not harder which is why we invented ITAM IT audit software. The IT Audit Machine (ITAM IT audit software) is the patent pending, industry… Read More
WHAT IS THE IT AUDIT MACHINE (ITAM IT audit software)?
Why ITAM? Find out why ITAM is considered to be the best assessment tool available for your IRM and GRC needs and proactive cybersecurity! ITAM is the patent pending, industry changing assessment creation tool designed specifically for the governance, risk and compliance (GRC) market space but where infinite possibilities exist even outside of the GRC… Read More