This article details a disturbing trend in Health Care and Academia concerning an utter lack of cyber preparedness. From a health care perspective, from my experience, I believe this problem is largely fed by the false comfort provided by compliance efforts. More specifically, the concept of Meaningful Use has lulled medical providers into thinking they are actually safe from attack or breach. This problem is further exacerbated by the false sense of security provided by cyber insurance policies.
Businesses desperately need to realize that compliance does not by any stretch of the imagination mean you are secure. Insurance cannot protect your reputation or insulate you from the follow-up events after your policy has been cancelled due to a breach. The threat must be taken seriously and addressed accordingly with valid IT security measures grounded in a best practices approach.
The headline of this article says a great deal about where we are as a society in our war against cyber crime. Deeper into this article, you will see statements about the lack of confidence many institutions have in the face of these threats. Now is the time to act. Take your IT Security seriously. PCI DSS 3.0 is another strong step in the right direction, but compliance is not a panacea. A lowest common denominator approach will leave you vulnerable. You can’t simply lock the front door and hope you are safe. Criminals know you have a back porch and are willing to climb through an open window.
It’s World Backup Day! Take time to review your backup strategies and verify your business critical content is secure. In an age of malware, ransomware and frequent breaches, now more than ever we need to be diligent in our backup approaches.
This article was simply too good not to share and shows the lengths to which criminals can and will go in creating an effective phishing or spoofing mechanism. Don’t lose sight of the fact that this individual successfully social engineered his way out of prison while actively incarcerated. Imagine what a good criminal can do from the comfort of his or her own home.
This is yet another disturbing article concerning Uber. Between fraud and driver behavior issues and now an announcement of a breach of login credentials, Uber is suffering through a very difficult public relations period.
This article details yet another example of an attack against the freedoms of the Internet potentially by an oppressive nation state.
Given all the fun currently underway with the NCAA tournaments, I thought this would be a worthy article to pass along. Password management is always an important conversation and these sports-related passwords are important to note and avoid. Remember the value of a good passphrase. “Wildcats” as a password can get you in trouble, but “IwanttheWildcatstolose!” will keep you much safer.
I read this content from a couple of sources over the last two days and continue to be disturbed each time I see it come up on my feeds. I understand the profitability surrounding the data RadioShack is auctioning off, but it is beyond unethical for them to go down this path given the privacy agreement that led to the collection of the data to begin with. This is yet another example of the nature of data once provided to 3rd parties. Be aware and prepared. That audio cable you purchased 12 years ago for your home stereo may lead to your addition to several less than savory email lists.
This is a fantastic article from Brian Krebs revealing a criminal’s view of the online tax refund fraud process from both a state and federal perspective.