Healthcare Is Ignoring Cyber Risk Intel, Academia Even Worse

This article details a disturbing trend in Health Care and Academia concerning an utter lack of cyber preparedness.  From a health care perspective, from my experience, I believe this problem is largely fed by the false comfort provided by compliance efforts.  More specifically, the concept of Meaningful Use has lulled medical providers into thinking they are actually safe from attack or breach.  This problem is further exacerbated by the false sense of security provided by cyber insurance policies.

Businesses desperately need to realize that compliance does not by any stretch of the imagination mean you are secure.  Insurance cannot protect your reputation or insulate you from the follow up events after your policy has been cancelled due to a breach.  The threat must be taken seriously and addressed accordingly with valid IT security measures grounded in a best practices approach.

http://www.darkreading.com/risk/healthcare-is-ignoring-cyber-risk-intel-academia-even-worse–/a/d-id/1319702

Advertisements

Cybercrime Is Now More Profitable Than The Drug Trade

The headline of this article says a great deal about where we are as a society in our war against cyber crime.  Deeper into this article, you will see statements about the lack of confidence many institutions have in the face of these threats.  Now is the time to act.  Take your IT Security seriously.  PCI DSS 3.0 is another strong step in the right direction, but compliance is not a panacea.  A lowest common denominator approach will leave you vulnerable.  You can’t simply lock the front door and hope you are safe.  Criminals know you have a back porch and are willing to climb through an open window.

http://www.tripwire.com/state-of-security/regulatory-compliance/pci/cybercrime-is-now-more-profitable-than-the-drug-trade/

Man escapes from jail after sending fake bail email

This article was simply too good not to share and shows the lengths to which criminals can and will go in creating an effective phishing or spoofing mechanism.  Don’t lose sight of the fact that this individual successfully social engineered his way out of prison while actively incarcerated.  Imagine what a good criminal can do from the comfort of his or her own home.

https://nakedsecurity.sophos.com/2015/03/31/man-escapes-from-jail-after-sending-fake-bail-email/