One Word: Discipline.
What most offices lack when they experience a data breach or cyberattack is a lack of discipline guiding and enforcing their security standards.
Let me give you two quick stories of where a lack of discipline hurt offices and end with one concrete example of how discipline helps save lives.
Example 1: Backups are On, but Not Working!
One of the most common things I find when auditing a prospective client is that the entire office thinks that their backups are working. Their IT guys tell them that they are getting backups and the majority their IT guys for their word (not that all IT guys are trustworthy, unfortunately).
continue reading
Why the Equifax Data Breach Could Be Draining Your Business Accounts (And Why You Might Not Even Notice!)
Last week’s Equifax announcement of 143 million people affected by one of the most sweeping data breaches (and likely the most danger) attacks ever may be more worrisome than you may suspect. Since Equifax validates credit scores for virtually everyone, they hold in their disposal millions upon millions of records of personally identifiable information—much of which if not locked under key day in and day out could easily allow criminals to steal your identity.
Last week, one of my colleagues had the misfortune of having his identity stolen. The timing and circumstances aligned perfectly with the Equifax data breach as the most parsimonious way his identity could have been stolen (he is a IT Security expert that is especially careful with disclosing sensitive personal information). If identity theft happened to him, it could easily happen to any of you—and with big data breaches of completely sensitive information, you should be more vigilant than ever with both your personal AND business identity and footprints.
continue reading
Earlier last month researcher identified a new ransomware attack that has already targeted and infected tens of thousands of businesses.
The new attack is a modification of the Locky malware that had infected businesses worldwide earlier this summer.
Massive New ‘Locky’-Variant Ransomware Is Attacking Businesses Across The US
IT Security experts are saying that the files containing the new “IKARUSdilapidated” strain of the Locky virus is able to move through endpoint defenses undetected.
The attack begins with an email attachment.
continue reading
Hurricanes are not that easy to predict. Will Hurricane Harvey strike Houston or 50 miles East? Will it start as a Category 1 or 5? Thanks to evolving meteorological technology, including better satellites and faster computers, scientists are able to model and make predictions on natural disasters like hurricanes and earthquakes with much more confidence than ever before.
But with more sophisticated and accurate models, hurricanes predictions are NOT guaranteed 100% accurate.
The devastation that Hurricane Harvey amassed this week has been hard to watch. And what’s harder for me is that officials and residents around Houston could not predict and hadn’t adequate planning to prepare for such a massive storm. The headlines tell this all-too-often story:
continue reading
Not surprising, cyber criminals are getting sneakier with their attacks and many of them are specifically targeting healthcare (although every business needs to take proper precautions). Cybersecurity is one of the most relevant topics to healthcare executives and health IT professionals in today’s current threat climate.
Problem 1: User safety is not a big enough priority
While health IT professionals seem to have complete focus on IT data management security, many fail to identify user-related threats as problems. That means, instead of focused on holistic measures to train and inform users about the latest attacks and schemes in which cyber criminals break into healthcare systems, they assume that their latest firewall update, antivirus platform and database management system are good enough.
continue reading
Do you remember the WannaCry virus? That ransomware virus that moved through networks like a wild fire?
WannaCry hero arrested for malicious hacking
The biggest problem with WannaCry (and recent infection outbreaks) is that they are hard to stop. Once inside your network, these viruses autonomously move and navigate the extents of a network. WannaCry may simply be pioneering how computer viruses infect business networks in the future.
What put many of us at ease earlier this spring is that WannaCry had a terminus. Soon after its outbreak, a British researcher was able to trigger a killswitch which ended the life of the virus.
continue reading
