Plagiarism, Authority, and Trust on the Internet

Plagiarism isn’t new, and the proliferation of shady websites and questionable decisions from search engine giant Google has led to sinister and sometimes silly evolutions in what fraudsters can do with the theft of someone’s intellectual property. According to Plagiarism Daily, we’re seeing a new outgrowth of plagiarism creep up on us. Gone are the… Read More

ISO 27000 Demystified

The ISO (International Organization for Standardization) and the IEC (International Electrotechnical Commission) provide a globally recognized framework for best-practice information security management: the ISO/IEC 27000 family of mutually supporting information security standards (also known as the ISO 27000 series). The most well-known of the series is ISO 27001, which sets out the specification for an… Read More

Something Phishy is happening – Phishing Scams on the Rise

Cybercriminals have been taking advantage of the coronavirus outbreak to target people with phishing scams and malware in the guise of information relevant to the disease. These attacks typically take the form of malicious apps, phishing emails, and phony websites. In addition, the US government has been offering stimulus payments, presenting another area ripe for… Read More

The Need for a Business Continuity Plan

The need for a business continuity plan is becoming more critical as businesses adjust to disruptions caused by the coronavirus. A virus in and of itself can’t shut your company’s systems, operations, or services down, but it can impact how a business functions. It’s not often that businesses face a pandemic. Still, natural disasters, human-made… Read More

Securing yourself in a Remote Work World

COVID-19 or the Coronavirus is changing life as we know it. From simple handshakes to finding toilet paper, life has changed tremendously over the past several weeks. One area that is significantly impacted is the rise of remote workers. Companies in every industry are mandating that employees work from their home offices. This sudden shift… Read More

The Role of Artificial Intelligence in Cybersecurity

Artificial Intelligence in Cybersecurity Artificial Intelligence (AI) can be used in the Cybersecurity Industry in many ways, which are still yet to be tapped into. Just as much as other technologies are constantly and dynamically changing, so too is this field. It has just started to make its debut for security applications, and there is… Read More

SMB Cyber Security Threatened by Human Hacking

If you think your company is too small to be hacked, think again. According to a new report on SMB cybersecurity by the Ponemon Institute and Keeper Security, 66% of small and medium-sized businesses (SMBs) around the world experienced a cyberattack in the past year. In the U.S., the situation is particularly dire, with 76%… Read More

Dark Data Is Hurting Your Cyber Security

Server rooms filled with digital files may look neater than the paper file rooms of old, but they’re not necessarily more organized, and “dark data” lurks around every corner. Sixty percent of respondents to a survey by big data software vendor Splunk admitted that more than half of their organizations’ data is dark, and one-third… Read More

NIST IoT Security Guidelines Draft Up for Comment

From refrigerators and doorbells to insulin pumps and heart monitors, a growing number of devices are being connected to wireless networks. IoT devices offer a world of convenience and benefits, from a homeowner being able to monitor their property while at work to a doctor being able to monitor a patient’s response to a treatment… Read More

HBO Hacks Indicate a Company in Cyber Security Crisis

HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of an upcoming HBO series and the script to an upcoming Game of Thrones episode online. Mr. Smith claimed… Read More

Latest Anthem Breach Traced Back to Third-Party Vendor

Anthem – yes, that Anthem – has been hacked again. About a month after the beleaguered health insurer agreed to fork over a record-setting $115 million to settle a class action lawsuit related to its massive 2015 breach, it was breached again, or rather, one of its third-party vendors was. The 2017 Anthem breach involved… Read More

Outsourcing Can Help Bridge the Cyber Security Skills Gap

The cybersecurity skills gap is real and growing; there simply aren’t enough cybersecurity employees to go around. Cybercrime is rapidly escalating, and boardrooms are taking notice. KPMG’s 2017 U.S. CEO Outlook survey shows cybersecurity risk to be among CEOs’ top concerns, yet only 40% of them feel that their organizations are fully prepared to handle… Read More

Cyber Criminals Are Hijacking Computers for Cryptocurrency Mining

Cryptocurrency mining malware may end up being a bigger problem than WannaCry Organizations that think they dodged a bullet when their older systems did not fall prey to the WannaCry ransomware may want to think again. Weeks prior to the WannaCry attacks, a group of hackers was taking advantage of the same Windows vulnerabilities that… Read More

Data Breach Responsibility: Who Takes the Fall When a Company Gets Hacked?

Who should be held responsible when a company’s systems get breached? Historically, the CIO, the CISO, or both have shouldered the lion’s share of data breach responsibility; well over half of security decision-makers expect to lose their jobs if a hack happens at their organizations. However, breaches don’t happen in vacuums, and CIOs and CISOs… Read More

Government Ransomware Is Everyone’s Problem

Over the past year, the healthcare industry has been battered by an epidemic of ransomware attacks. The problem has become so ubiquitous that it is making its way into works of fiction: A ransomware attack on a hospital in a major city is the focus of an upcoming episode of the NBC drama Chicago Med.… Read More

Cyber Insurance Market Full of Uncertainty and Skimpy Coverage

Cyber Insurance Coverage: a Brave, Uncertain New World for Insurers and Policyholders Despite the escalating intensity and frequency of cyber attacks, fewer than 1/3 of U.S. businesses have purchased cyber insurance policies. A recent report by Deloitte provides insight into why organizations are deciding to go without cyber coverage, as well as why many insurers… Read More

New York State Cyber Security Regulations Mandate Common-Sense Practices

New York State Cybersecurity Regulations for Financial Institutions Could Be Model for Other States The first phase of the New York state cybersecurity regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, went into effect on March 1. While the insurance and finance industries are already highly regulated, New… Read More

RegTech Eases Compliance Costs & Strengthens Cyber Security

As compliance costs skyrocket, standards grow increasingly complex, and the cyber threat environment evolves, organizations are turning to RegTech solutions to automate their compliance processes and improve their overall cybersecurity posture. Compliance with regulatory and industry standards, such as HIPAA, PCI DSS, FedRAMP, and SSAE 16 SOC reporting, are a burdensome yet necessary part of… Read More

New PCI DSS Ecommerce Guidelines Stress TLS 1.1 Migration

Consumers love shopping online and are abandoning malls for mobile shopping apps in droves. However, online shopping environments offer multiple opportunities for hackers to steal payment card data. Even worse, as more brick-and-mortar stores implement card chip technology to defeat skimmers and other forms of POS system fraud, thieves are gravitating toward card-not-present (CNP) ecommerce… Read More

Mirai Botnet Attacks Likely Pulled Off By Teenagers

The recent Mirai botnet DDoS attacks were the largest on record – and they were likely masterminded by teenagers. In October, a massive DDoS attack on the Dyn DNS “Managed DNS” infrastructure brought down a number of major websites, including PayPal, Twitter, Amazon, Netflix, and Spotify. The attack was accomplished through the use of the… Read More

Yahoo Hack Was the Result of Years of Poor Cyber Security Practices

For Years, Yahoo Put Usability Ahead of Cybersecurity The massive Yahoo data breach, which compromised 500 million user accounts and has put its planned acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times reports: Six years ago, Yahoo’s computer systems and customer email… Read More

Proactive Cyber Security Can Prevent Vote Hacking

In a heated political climate, even the appearance of vote hacking could threaten our nation’s democracy. The most contentious issue this election season may not be immigration or minimum wage laws but cybersecurity; specifically, the specter of vote hacking. Shortly after the discovery that the Democratic National Convention’s email server had been hacked came news… Read More

Houston Astros Hack Exposes Poor Cyber Security Practices

Doping allegations, illegal gambling, and other attempts to game the system and give a player or a team an edge have long plagued the professional sports world. Now, the cheating has gone cyber. Chris Correa, a former executive with the Saint Louis Cardinals MLB team, has been sentenced to nearly four years in prison for… Read More