In 2014, Experian rightly predicted that healthcare related breaches would continue to grow in 2015. According to the Identity Theft Resource Center report, as of April 28th of this year, 93 healthcare breaches had been reported. While businesses across a number of industries have suffered from cyber attacks, the healthcare industry has been the hardest hit, …
2015 Healthcare Attacks – The Truth Behind the PredictionsRead More »
Malware, the pernicious threat, has a new form: malvertising, or "malicious advertising." What is most disturbing about this form of malware is that you don't always need to click on a piece of malvertising to infect your computer; in some cases, just mousing over a malicious ad during your web browsing is enough to unleash …
The recent crossfire incident where GitHub found itself battling to stabilize service exemplifies the critical importance of defending your network against DDoS attacks. While most US-based security experts unequivocally point the finger at CNNIN’s complicity, simply identifying the origin of threats isn’t enough to protect your servers or your data. Seventy-one hours into the attack, …
I found an APT – Now what? Operationalizing Advanced Threat and Breach Response. Read More…
There was an intriguing post over at KrebsOnSecurity last week that involved the site tracking down the Russia-based author of a tool designed to help cyberthieves evade fraud detection systems. (Yes, such tools certainly have legitimate IT purposes,… Read More…
Are we losing the fight against malware and the hackers who are making every day a zero day? Few authors are as skilled as GRRM when it comes to killing off important characters. Clearly, that oft-uttered phrase from the eastern continent, “… Read More…
Getting funding and support is a process Successful security leaders count on support and funding in order to provide the services and drive projects that create value. It’s important to distinguish between budgets and funding. Budgets tend to be line-item actions and amounts, decided in advance. The process of budgeting often feels mysterious, the final …
The process security leaders need to get the funding and support you wantRead More »
In 1982, at the height of the Cold War, a vast explosion, visible from space, lit up Siberia. NORAD and others in the U.S. defense establishment worried: was this a nuclear test, or a missile being launched from a region where nobody had suspected that missies were stored? But no: it turns out the explosion, …
Inside the rickety, vulnerable systems that run just about every power plantRead More »
Recently, I wrote about the three vectors of a healthcare cyber attack. This is the first of a three-part series examining each vector in depth. Last month, I wrote about the three vectors of a healthcare cyber attack, ironically just before Anthem… Read More…
EXPERTS DEBATE WHETHER ADVICE GOES FAR ENOUGH Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough? Read More…