Monthly Archives: January 2017


What can we learn from celebrity cyber attacks?

Celebrity hacks seem to dominate the news (http://www.cnn.com/2017/01/25/entertainment/celebrity-photo-hacking-scandal-man-sentenced/index.html). These high-profile cases are illustrative of the kinds of scams we all need to be aware of. For most of us, naked pictures are not likely what potential bad actors are after, but the methodology used by Mr. Majerczyk in this case was quite common; e.g. he [...]

January 31st, 2017 | Categories: Blog

Former Gov. Tom Ridge Says Corporate Boards Need to Make Cybersecurity a Priority

I had the honor to share a potent potable with Governor Ridge while stationed at Fort Meade. [The Governor was happy to meet a fellow Pennsylvanian.] Throughout our conversation, one theme resonated strongly with both of us: cybercrime by nation-state-sponsored actors was more than just a National Security issue. In the way that [...]

January 24th, 2017 | Categories: Blog

The SEC announces its 2017 examination priorities

Attention, those in the financial industry, particularly Broker/Dealers, Investment Advisers and Firms involved with Pension Funds and Seniors: OCIE is focused on you. The SEC's National Examination Program (NEP) of the Office of Compliance Inspections and Examinations (OCIE) announced that its examination priorities in 2017 will focus on three general areas including retail investors, [...]

January 13th, 2017 | Categories: Blog

Breach Notification Laws Are Being Enforced

First HIPAA enforcement action for lack of timely breach notification settles for $475,000. In a landmark case, federal regulators have issued a $475,000 financial settlement and corrective action plan for Presence Health regarding its tardy notification for a paper records breach that affected approximately 800 individuals. The Director of the Department of Health and Human [...]

January 12th, 2017 | Categories: Blog

The Importance of Application Penetration Testing

Industry is slowly adapting to the need to test applications for security - especially those companies in regulated environments. But not all have adapted to this new paradigm. I'm sure Quest wishes they had done a more thorough job of testing their mobile app (http://fortune.com/2016/12/13/quest-diagnostics-data-breach-health/) when 34,000 of their users had their personal information [...]

January 4th, 2017 | Categories: Blog