Risk

Home/Tag: Risk

Most recent FTC ruling makes clear – All US Companies are required to implement and monitor an information security program

While HIPAA and PCI compliance are now part of our collective business vernacular, the majority of US companies still remain unaware of national information risk management standards. In specific industries, companies have accepted that they must fulfill the requirements of specific acts. From Critical Infrastructure to Healthcare, these fields now require cybersecurity as a function within their entities' risk management portfolios. Beyond, third-party vendors are required to sign Business Associate Agreements (BAA) that extend the scrutiny to an ever expanding [...]

Identity Protection for Those Affected by the OPM Data Breach

Layer 8 Security specializes in improving the cybersecurity posture of companies big and small, but we also strive to protect individuals as well. In keeping with our "sheepdog" mentality, I want to broadcast some important information to individuals affected by the Office of Personnel Management (OPM) data breach. If you were not one of the 21.5 million individuals targeted in the widely publicized OPM data breach announced this past June, there is a high chance that you are related to or [...]

What’s the deal with LifeLock?

I often get questions from friends and family about LifeLock, an identity theft protection service - what it's all about, whether I use it (I don't), how effective the LifeLock services are, etc. Ironically, about a week and a half ago, LifeLock agreed to pay $100 million (see here) for allegedly breaching a FTC order by: "Failing to establish and maintain a comprehensive security program to protect its customers' sensitive personal information, including Credit Card, Social Security, and bank account [...]

This Ain’t Your Daddy’s Phishing Trip

One thing we've likely all gotten, is an email from some "rich Nigerian prince" offering us millions, in exchange for a little legwork or some such activity. The scam is old, but surprisingly effective. You wire them what seems like a pittance, for what you expect will be a major financial windfall on the return. Except that the phisher isn't a prince and doesn't have millions. But, they do have that untraceable money order you just sent them. That was [...]

CLE Credit Class – Minimizing the Risk of Cyber Exposure for Today’s Law Firm

Layer 8 Security is hosting a class with Precise about reducing the risk of cyber exposure for law firms at the offices of Expert Technology Associates. To register for the event, visit http://www.eventbrite.com/e/minimizing-the-risk-of-cyber-exposure-for-todays-law-firm-1-pa-ethics-cle-credit-tickets-18650999642. See below for details!

The Cost of Data Breaches Continue to Rise

Data breaches in 2014 made major headlines as large organizations such as Sony, Neiman Marcus and The Home Depot were compromised. 2015 has proven to be no different with BlueCross, Anthem and Ashley Madison joining the crowd. The biggest issue; however, is that the headlines only show the big fish, ones who can likely recover. What goes unnoticed are the other 1,400+ organizations who have been compromised in the past two years. This has led many C-Level executives of small [...]

A Reminder On The Danger Of An Inside Job

If you haven't heard this before, then get ready to hear it a lot more now. While outsider threats can be and are a big deal, and obviously a major concern, one of the biggest areas of risk for ANY company is and will be it's internal resources. Put another way, you have to be as careful about those who you give access to, as you are with those who don't have access to your network and corporate resources. Just [...]

Encryption for Everyone: Part 1 OS X

Information Security is evolving at an exponential rate.  What cut it 10 years ago would make today’s cybersecurity analysts cringe.  We will cover other aspects of keeping you safe from threats in future posts, but for now let’s focus on your physical hardware and more specifically encrypting your data.  If your laptop is lost or stolen you are at risk of someone inserting a USB stick, booting an operating system (ie. Linux)  and making your entire hard drive unencrypted and [...]

Internet of Things presents new challenges

It is, without a doubt, one of the hottest topics in IT. The Internet of Things, or how data networking is going to effectively connect everything to everyone, has been discussed for quite some time, but it was not until recently where current technology was able to catch up to the theoretical ideas that have been out there. Now, we are seeing an explosion in embedded devices-things we would not have previously expected to have connectivity do. And this can [...]

IoT can help manufacturing, but does it make you less secure?

When companies began to embrace the idea and the tech behind the Internet of Things (IoT), one area that stood to benefit the most was, and is, the world of manufacturing. Anyplace that relies on efficient operations to keep things flowing, and does so using a litany of systems, lends itself well to the burgeoning world of IoT. Imagine if all of your numerous systems are becoming much more easy to network and thus control online-it would be a godsend [...]