Crypto-Mining Malware is Crippling Enterprise Networks Cryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICO’s and cryptocurrency exchanges, they’re using… Read More
CUTV News Radio spotlights Michael Peters of Lazarus Alliance
GSA Proposes Changes to Federal Contractor Cyber Security Rules

Stronger GSA Federal Contractor Cyber Security Rules Are Coming The General Services Administration (GSA) is planning to tighten up federal contractor cyber security requirements regarding sensitive non-classified data, according to a Federal Register Notice dated January 12. The rules would cover internal contractor systems, external contractor systems, cloud systems, and mobile systems. Technically, the proposed… Read More
5 Best Practices for Complying with SEC, NFA FINRA Cyber Security Standards

Complying with SEC, NFA FINRA Cyber Security Standards Both the SEC, NFA and FINRA have indicated that they will put heavy emphasis on cyber security enforcement throughout 2018. While FINRA is explicit – among other things, it publishes a cyber security checklist and a detailed report on best practices – the SEC’s guidance is far… Read More
Post Equifax, New Data Breach Notification Laws are Inevitable
New data breach notification regulations aren’t a matter of if, but when The U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to investors as… Read More
Cyber New Year’s Resolutions: Cyber Security Tips for 2018
Cyber Security Tips for 2018 and Beyond Now that the year is coming to an end, all eyes are on what’s possibly around the corner. More attacks on cryptocurrencies? An escalation in attacks by state-sponsored cyber criminals? Chaos as the EU’s GDPR is implemented? In cyber security, only one thing is certain: It’s a continuous… Read More
5 Reasons Why Your Enterprise Should Put IRM Before GRC
Gartner Is Shifting Its Focus Toward IRM, and You Should, Too Over the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes… Read More
Uber Breach Gets Worse: Company Accused of Cyber Spying

Uber Breach a Case Study in Awful Cyber and Business Ethics The Uber breach, which compromised the data of 57 million drivers and customers worldwide, has just gone from bad to worse. Not only did the company wait for a year to disclose the hack, it scrambled to cover it up by forking over $100,000… Read More
GDPR Compliance Means Transforming Your Data Governance

Data Governance Is at the Core of GDPR Compliance Organizations have until May 25, 2018, to comply with the EU’s new General Data Protection Regulation (GDPR). Arguably the most comprehensive, far-reaching data privacy law passed to date, the GDPR grants European consumers numerous new data privacy rights and places new data governance responsibilities on organizations.… Read More
Unencrypted Retail POS System Cited in Forever 21 Breach

Forever 21 Breach Disclosed on the Cusp of the Holiday Shopping Season Clothing retailer Forever 21 suffered a POS system breach in an undisclosed number of stores from March to October 2017, the company announced last week. The Forever 21 breach was discovered by a third party and involved hackers taking advantage of POS systems… Read More
Social Media Security and the Trump Twitter Account Incident

Social Media Security Matters: Just Look at the Trump Twitter Account Debacle The recent Trump Twitter account incident – where the president’s Twitter feed was deactivated for 11 minutes – was fodder for many late-night television jokes. All kidding aside, though, enterprise social media security is serious business. A social media presence is an integral… Read More
FISMA, FedRAMP, and NIST: Federal Compliance Demystified
FISMA vs. FedRAMP and NIST: Making Sense of Government Compliance Standards FISMA, FedRAMP, NIST, DFARS, CJIS, HIPAA … Government compliance standards can seem like a veritable alphabet soup. Making matters even worse, a lot of them overlap, and many organizations aren’t certain which standards they need to comply with. Even if your organization does not… Read More
Why Cloud Service Providers Should Consider FedRAMP Certification

FedRAMP Certification Can Help Grow Your Cloud Service Business The Federal Risk and Authorization Management Program (FedRAMP) was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with cloud providers. Like FISMA, DFARS, CJIS, and HIPAA, FedRAMP’s security controls are based on NIST 800-53. If your cloud… Read More
Cyber Risk Management Lessons Companies Need to Learn Right Now

Don’t want your company to be the next Yahoo, Equifax, Deloitte, or SEC? Don’t ignore cyber risk management. October is National Cyber Security Awareness Month in the U.S., which is quite fitting right now, being as barely a day is going by without yet another disclosure of a massive hack, and Americans are far more… Read More
SEC, NFA Hack: Wall Street’s Top Regulator Breached

The SEC, NFA hack has pitched the international finance world into turmoil as Wall Street’s top regulator admits to not having secured its own systems. Move over, Equifax; the SEC, NFA hack may have just stolen your thunder. Less than two weeks after Equifax disclosed that it had been breached, compromising the personal information of… Read More
Equifax Breach Compromises Half of U.S. Population

The Equifax breach isn’t the largest data breach, but it is one of the most troubling because of its massive scope, the nature of the information stolen, and the absolutely awful way in which it has been handled. While Hurricane Irma dominated the national news late last week, a man-made disaster unfolded in the background… Read More
HBO Hacks Indicate a Company in Cyber Security Crisis
Hacks in the City: Latest in String of HBO Hacks Targets Company’s Social Media Accounts HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of upcoming HBO series… Read More
HBO Hacks Indicate a Company in Cyber Security Crisis

HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of an upcoming HBO series and the script to an upcoming Game of Thrones episode online. Mr. Smith claimed… Read More
HBO Hack Underscores the Growing Threat of Digital IP Theft

HBO Hack Targeted Valuable Intellectual Property and Company Secrets Corporate espionage and the theft of intellectual property and company secrets have gone cyber. The latest victim is cable network HBO and its flagship series Game of Thrones. The HBO hack, perpetrated by a hacker or group calling themselves “Mr. Smith,” may involve as much as… Read More
Latest Anthem Breach Traced Back to Third-Party Vendor

Anthem – yes, that Anthem – has been hacked again. About a month after the beleaguered health insurer agreed to fork over a record-setting $115 million to settle a class action lawsuit related to its massive 2015 breach, it was breached again, or rather, one of its third-party vendors was. The 2017 Anthem breach involved… Read More
DFARS Compliance Deadline Approaching for DoD Contractors

Department of Defense contractors and their subcontractors have until December 31 to obtain DFARS compliance Third-party data breaches are a serious problem, especially when highly sensitive data is involved – and our nation’s infrastructure, including our defense systems, is built and maintained by third-party government contractors. Recognizing this, the U.S. Department of Defense is requiring… Read More
Report Finds Arizona Businesses Hit Hard By Malware
A new report by a cybersecurity firm shows Arizona businesses lead the nation in malware detections. Malwarebytes examined data from its client companies with fewer than 1,000 employees. In the first quarter of this year, Malwarebytes found incidents in Arizona increased 1,332 percent compared with the same period a year earlier. “It’s really malicious software that’s been… Read More