August 16, 2017

9 Factors to Ensure That Your Cyber Security Policy Works For Your Staff, Not Against Them

William H. Saito,, August 8, 2017

Companies and organizations are still struggling to deal with ransomware, a cyberattack in which user data is encrypted and held hostage, supposedly until a ransom is paid. This trend looks set to continue and perhaps even intensify.

Read More

Orgs Have Failed to Make Necessary Security Improvements Since WannaCry and Petya

Michael Hill,, August 10, 2017

More than two-thirds of security professionals are not confident their organizations have made necessary security improvements since the WannaCry and Petya attacks earlier this year, according to new research from Tripwire.

Read More

August 28 Deadline Nears for 23 NYCRR 500: Can You Pass the Compliance Test?

Zackery Mahon,, August 11, 2017

Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply.

Read More

NICE Cybersecurity Workforce Framework Focuses on Education

Elizabeth Snell,, August 11, 2017

The National Initiative for Cybersecurity Education (NICE) released a Cybersecurity Workforce Framework to help organizations in various sectors educate and train staff members in needed cybersecurity measures. Entities will also have guidance on workforce development and planning that can be catered to their individual operations.

Read More

Patched Flash Player Sandbox Escape Leaked Windows Credentials

Michael Mimoso,, August 10, 2017

One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue. Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26.

Read More

The Biggest Healthcare Breaches of 2017 (So Far)

Healthcare IT News Staff,, July 31, 2017

Healthcare proved itself a lucrative target for hackers in 2016, and so far in 2017 is, unfortuantely , following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations still have much to learn about security.

Read More

Password Power Rankings: A Look at the Practices of 40+ Popular Websites

Help Net Security Staff,, August 10, 2017

Nothing should be more important for these sites and apps than the security of the users who keep them in business. Unfortunately, Dashlane found that that 46% of consumer sites, including Dropbox, Netflix, and Pandora, and 36% of enterprise sites, including DocuSign and Amazon Web Services, failed to implement the most basic password security requirements.

Read More

What Hackers Think of Your Cyber Security Efforts

George Nott,, August 9, 2017

A survey of 250 self-identified hackers at the twentieth annual Black Hat conference in Las Vegas last month has revealed the security technologies they find toughest to beat. Of the hackers that responded, 38 per cent said multi-factor authentication was the ‘hardest to get past’ while 32 per cent considered encryption the toughest defence to beat.

Read More

One Easy Thing Your Agency Can Do to Attract More Cybersecurity Talent

David Thornton,, August 9, 2017

Building a well-trained cyber workforce has been a challenge for the federal government, and the first step in that process is finding well-qualified candidates to fill the positions. Laura Bate, senior programming associate for New America’s Cybersecurity Initiative, said there are several factors that make that the case, but agencies do have options to overcome the obstacles.

Read More
financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

top cyber incident pain points