June 7, 2017
Liz Maida, Helpsecurity.com, May 30, 2017
Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators – hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them.
Matthew Kuznia, Deltarisk.com, June 2, 2017
Throughout our blog series, 5 DIY Cyber Security Skills Every IT Professional Needs to Master, we have looked at skills and tools that are useful for cyber handy men and women. Much like being able to use a hammer, screwdriver, drill, or saw, having the ability to use virtualization, nmap , understand code, and the command line enables many other DIY tasks.
Courtney Linder, Post-gazette.com, May 25, 2017
Ten minutes, one hour, four hours, click. Postpone that annoying Windows update. Avoiding that dreaded dialogue box that pops up on the screen twice a day is a no-brainer for many American employees who don’t want to restart their computers and install a software patch. But in terms of cybersecurity , what seems like an immaterial decision can quickly become a pipeline for hackers and a major expense for companies.
Greg Kushto, Darkreading.com, June 5, 2017
Sometimes it’s mutual, other times it’s not. Either way, it’s inevitable: employees — entry-level and executive alike — come and go. Unfortunately, we often overlook the risks and vulnerabilities that employee turnover can introduce, particularly from an IT security standpoint. Although disgruntled employees and whistleblowers raise the most alarm, don’t be naive: not every outbound worker is an Edward Snowden or a Chelsea Manning, and risks aren’t limited to bad intentions.
Health IT Security Staff, Healthitsecurity.com, June 5, 2017
Evolving healthcare cybersecurity threats are posing even greater risks to the industry, which is why the Health Care Industry Cybersecurity Task Force published a report to “address the growing challenge posed by cyberattacks.” These threats pose significant patient safety issues, and require both the public and private sector to work together to ensure that healthcare systems and patients remain protected, according to ASPR Office of Emergency Management Director of Division of Resilience Steve Curren.
Health IT Security Staff, Healthitsecurity.com, May 24, 2017
St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) settled alleged HIPAA violations from a PHI data breach by paying $387,000 in an OCR HIPAA settlement. Formerly Spencer Cox Center for Health (the Spencer Cox Center), New York-based St. Luke’s specializes in services for individuals living with HIV or AIDS and other chronic diseases. OCR received a complaint in September 2014 that there had been a PHI data breach when St. Luke’s faxed an individual’s information to his employer.
Charles McLellan, Zdnet.com, June 1, 2017
The tech world tends to proceed from one era to another in a roughly 10-15 year cycle. So we had the PC era from the 1980s to the mid-1990s, followed by the internet and world-wide web era, and then the post-2007 (iPhone) mobile era. Today’s tech world is dominated by mobile, social networks, the cloud, analytics (including AI and ML) and, increasingly, the Internet of Things (IoT).
Noah Powers, Deltarisk.com, May 24, 2017
Imagine the following scenario: you work with a colleague who everyone sees as a problem. This individual complains about the direction of the company, unfair treatment, and even vocalizes personal financial struggles. People have come to expect this kind of negative behavior from him. One day, though, you overhear this disruptive co-worker say something out of the ordinary, even for him.
Amy Talbott, Zdnet.com, June 1, 2017
Mobile and IoT-connected devices present special security risks that many companies are still figuring out how to mitigate. ZDNet’s sister site, Tech Pro Research, recently polled IT professionals about the state of cybersecurity in their workplaces. Most seemed to feel that cyberthreats were relatively well controlled. The majority of respondents said their company’s cybersecurity readiness was average or above, and most said it had improved in the past year.