Yahoo Hack Was the Result of Years of Poor Cyber Security Practices

For Years, Yahoo Put Usability Ahead of Cybersecurity The massive Yahoo data breach, which compromised 500 million user accounts and has put its planned acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times reports: Six years ago, Yahoo’s computer systems and customer email… Read More

Proactive Cyber Security Can Prevent Vote Hacking

In a heated political climate, even the appearance of vote hacking could threaten our nation’s democracy. The most contentious issue this election season may not be immigration or minimum wage laws but cybersecurity; specifically, the specter of vote hacking. Shortly after the discovery that the Democratic National Convention’s email server had been hacked came news… Read More

IoT Cyber Security Issues Could Stall Self-Driving Cars

How quickly self-driving cars roll out is dependent on the industry addressing some very serious IoT cyber security issues. Now that Uber has commenced a pilot test of driverless vehicles in Pittsburgh, and competitor Lyft has predicted that most of its cars will be driverless by 2021, self-driving cars are what everyone is talking about.… Read More

PCI DSS Compliance Alone Won’t Protect Your Customer Data

PCI DSS compliance is serious business for anyone who processes or accepts major payment cards. Retailers or payment processors who are found to be in violation of PCI DSS can be fined millions of dollars, and they may even be stripped of their ability to accept major credit cards. However, PCI DSS compliance standards are… Read More

Houston Astros Hack Exposes Poor Cyber Security Practices

Doping allegations, illegal gambling, and other attempts to game the system and give a player or a team an edge have long plagued the professional sports world. Now, the cheating has gone cyber. Chris Correa, a former executive with the Saint Louis Cardinals MLB team, has been sentenced to nearly four years in prison for… Read More

SWIFT Network Attacks: 3 Lessons in Cyber Security

It sounds like the plot of a James Bond movie: A band of international bank robbers have made off with nearly $100 million, and bank executives are biting their nails as the thieves remain at large. But these heists happened in real life, and the thieves never actually set foot inside a bank. They used… Read More

Where’s the Data Security? Wendy’s Data Breach Bigger than Originally Thought

Wendy’s Data Breach: Forget the beef, where’s the data security? The Wendy’s data security breach, news of which first broke in January, is much worse than the fast-food company originally thought. Wendy’s first reported that the POS system breach impacted only about 5% — or approximately 300 – of its franchise-owned restaurants. However, after allegations… Read More

Continuum Clarifies What SSAE 16 Compliance Means

When contracting with a service provider, such as a data center, it is important for companies to ensure that their provider possesses the cyber security-related certifications and compliance standards that are applicable to the company’s industry. Data centers, as well as service providers who contract with data centers, sometimes claim to be “SSAE 16” certified.… Read More

IoT Security: Medical Devices Are the Next Target for Hackers

Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken… Read More

5 Tips for Healthcare Cyber Security

In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cybersecurity threat – and healthcare cybersecurity in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees, ransomware attacks… Read More

The Cybervisors Are Here Vigorously Addressing Global One Million Cyber Security Job Shortage

A recent report revealed that “More than 209,000 cybersecurity job postings in the U.S. are unfilled, and postings are up 74% over the past five years.” Lazarus Alliance Cybervisors are the front line for the global business community, bridging this critical cyber security job talent shortage. Steve Morgan, a professional acquaintance who writes about cyber… Read More

The Citadel Breached – The Cyber Security Act of 2015

Continuum GRC unveils the next generation of cybercrime prevention for organizations with NIST and SEC, NFA compliance requirements in concert with the Cybersecurity Act of 2015. Continuum GRC released the next generation antidote to fight cyber crime, compliance failures, corporate fraud, and criminal cyber-misconduct with the IT Audit Machine (ITAM IT audit software. Considered to… Read More

Ransomware Attacks Show that Healthcare Must Take Cybersecurity Seriously

In a previous blog, we provided a primer on HIPAA compliance and discussed the importance of complying with this complex federal law, which is geared toward protecting patients’ private health information (PHI). While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA, a new threat has emerged and is poised to become much… Read More

Human Hacking, Not Automated Attacks, Top Cyber Threat

Human hacking, also known as social engineering, has surpassed hardware and software vulnerabilities and is now the top cybersecurity threat, Computer Weekly reports: [A]ttackers shifted away from automated exploits in 2015. Instead, attackers engaged people through email, social media and mobile apps to do the dirty work of infecting systems, stealing credentials and transferring funds.… Read More

Hooray for Hollywood! – Hackers Hold Healthcare Hostage

Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More

Hooray for Hollywood! – Hackers Hold Healthcare Hostage

Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More

Cyber Forensics Protect the Innocent

Cyber Forensics Protect the Innocent It is always rewarding when cybersecurity and cyber forensics protect the innocent.  Monique Vivien Macias of KPNX 12 News Phoenix discusses with Lazarus Alliance and Continuum GRC’s CEO Michael Peters how cyber forensics has become such a vital resource in law enforcement’s toolkit. Christopher Thomas McKenna, the former Chaparral High School teacher… Read More

Defeating Cyber Security Deficits with a 1-2 Punch

Defeating Cyber Security Deficits with a 1-2 Punch Steve Morgan, a professional acquaintance who writes about cybersecurity for Forbes, published One Million Cybersecurity Job Openings In 2016 and revealed some jaw-dropping statistics concerning the growing deficit in hiring qualified cybersecurity employees. To make matters worse, this chasm is exacerbated by the explosion of corporate breaches… Read More

Security audit done the same old way?

Still doing security audit and compliance assessments the same old way? The definition of insanity is doing something over and over again and expecting a different result. Data breaches are occurring at an alarming and escalating rate despite the traditional assessment methodology and  tools. It’s time to shake up and wake up the cybersecurity industry… Read More