Comprehensive anti-harassment policies are even more important in light of #MeToo movement
The #MeToo movement, which was birthed in the wake of sexual abuse allegations against Hollywood mogul Harvey Weinstein, has shined a spotlight on the epidemic of sexual harassment and discrimination in the U.S. According to a nationwide survey by Stop Street Harassment, a…
States Worry About Election Hacking as Midterms Approach
Mueller indictments of Russian cyber criminals put election hacking at top of mind
State officials expressed grave concerns about election hacking the day after Special Counsel Robert Mueller handed down indictments of 13 Russian nationals on charges of interfering with the 2016 presidential election. The Washington Post reports: At a conference of state secretaries of…
Crypto-Mining Malware May Be a Bigger Threat than Ransomware
Crypto-Mining Malware is Crippling Enterprise Networks
Cryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICOs and cryptocurrency exchanges, they’re using…
Post Equifax, New Data Breach Notification Laws are Inevitable
New data breach notification regulations aren’t a matter of if, but when
The U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to investors as…
Cyber New Year’s Resolutions: Cyber Security Tips for 2018
Cyber Security Tips for 2018 and Beyond
Now that the year is coming to an end, all eyes are on what’s possibly around the corner. More attacks on cryptocurrencies? An escalation in attacks by state-sponsored cyber criminals? Chaos as the EU’s GDPR is implemented? In cyber security, only one thing is certain: It’s a continuous…
5 Reasons Why Your Enterprise Should Put IRM Before GRC
Gartner Is Shifting Its Focus Toward IRM, and You Should, Too
Over the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes…
FISMA, FedRAMP, and NIST: Federal Compliance Demystified
FISMA vs. FedRAMP and NIST: Making Sense of Government Compliance Standards
FISMA, FedRAMP, NIST, DFARS, CJIS, HIPAA … Government compliance standards can seem like a veritable alphabet soup. Making matters even worse, a lot of them overlap, and many organizations aren’t certain which standards they need to comply with. Even if your organization does not…
HBO Hacks Indicate a Company in Cyber Security Crisis
Hacks in the City: Latest in String of HBO Hacks Targets Company’s Social Media Accounts
HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped several episodes of upcoming HBO series…
Will Cryptocurrency Regulation Attempts Do More Harm Than Good?
White-Hat Hackers Are Already Being Caught in the Cryptocurrency Regulation Net
Cryptocurrencies have long been associated with cyber crime. The cryptocurrency Bitcoin was the de facto currency of the notorious online black market Silk Road, it remains the preferred payment method on the Dark Net, and the majority of ransomware attacks, including WannaCry, demand payment…
It’s Time to Get Serious About Education Cyber Security
Back to School: Education Cyber Security
K-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as in other industries, as these recent incidents illustrate: In November 2016, Columbia County School District in Georgia admitted to a breach of personal information belonging to its employees and…
Is Cloud Computing Really Secure? A Pragmatic Approach
Considering Cloud Computing? So, you are making plans to move into cloud computing and are considering the options offered by the plethora of providers out there, but you have questions and concerns. Congratulations! The bottom line up front is yes, cloud computing can be very secure. You…
POS Data Security an Issue for Fast-Food Kiosks
POS Data Security? The next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising…
Spear Phishing: Don’t Take the Bait!
Following a string of high-profile incidents that began earlier this year, the healthcare industry has been highly focused on preventing ransomware attacks. IoT security has also emerged as a growing concern. However, healthcare organizations (as well as businesses in other industries) cannot afford to ignore another growing threat: spear phishing. Like regular phishing, spear phishing…
IoT Security: Medical Devices Are the Next Target for Hackers
Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical devices such as insulin pumps and pacemakers. If IoT security is not taken…
5 Tips for Healthcare Cyber Security
In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cyber security threat – and healthcare cyber security in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees,…
Ransomware Attacks Show that Healthcare Must Take Cybersecurity Seriously
In a previous blog, we provided a primer on HIPAA compliance and discussed the importance of complying with this complex federal law, which is geared toward protecting patients’ private health information (PHI). While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA, a new threat has emerged and is poised to become much…
What is PCI DSS Compliance?
Confused about PCI DSS compliance? This article will explain PCI DSS and the importance of complying with this important information security standard. What is PCI DSS? PCI DSS stands for the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI DSS is a proprietary information security standard that was established in 2004 by the…
What is HIPAA Compliance?
Confused about HIPAA and HIPAA compliance? This article will explain HIPAA and the importance of complying with this complex federal law. What is HIPAA? HIPAA is the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President Bill Clinton. The HITECH Act, which was signed by President Obama in 2009,…
Hooray for Hollywood! – Hackers Hold Healthcare Hostage
Hackers Hold Hollywood Healthcare Hostage
Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems, holding them hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to…
Secure in 60 Seconds
While you slip into that Thanksgiving Day coma, take 60 seconds to beat holiday crime and stay secure. Nearly half of holiday shopping this year will be done through online merchants; about 46 percent according to the National Retail Federation. That is up slightly from last year and is another sign…
Why In a Former Life I was a Cadaver Dog!
My career has been an adventure along the scenic route, speaking conservatively, which I rarely do. My number one goal is to be the best example for what I choose to focus my attention on. I rose in the corporate ranks pretty quickly and helped define what it really means to be a Chief Information…
CIO, CISO, Eee Eye, Eee Eye Oh Crap a Data Breach!
How do you quantify the true cost of a data breach? How do you measure the costs against the benefits of eliminating risks, mitigating risks or accepting risks to your business effectively? The Lazarus Alliance executive leadership team has been the proverbial tip of the spear within the proactive cyber security realm well before there…
The Proverbial Identity Theft Bus Will Run You Over!
Think about a time when you had a single credit card lost or stolen and how much of a pain that experience was. Now imagine if your entire wallet was lost or stolen and the exponential magnitude of pain in the patootie that would be for…
Cyber War Waged on the United States with Massive Security Breach
Federal cyber security breach has left millions of American citizens as casualties. Lazarus Alliance responds with proactive cyber-crime prevention. Lazarus Alliance ups the ante with proactive cyber security weapons in the corporate arsenal to fight cybercrime, corporate fraud, espionage and criminal cyber-misconduct. The egregious revelation following this security breach is that the Office of Personnel…