“People who live in glass houses should take out insurance” and right now, the winds are blowing at hurricane strength. Between two years of COVID and the seemingly daily headlines of breaches and ransomware attacks, healthcare organizations are reeling. According to a report from Comparitech, attacks in 2020 were double those in 2019, impacting…
Details
T-Mobile recently confirmed that a threat actor stole the full names and driver’s license information for 40 million people last week. While AT&T is currently denying it, another Threat Actor claims to have stolen the names, phone numbers, physical addresses, email addresses, and Social Security numbers for 70 million of their customers. Ransomware makes…
Details
Security software vendors would be wise to heed those old pop music lyrics in selling their wares to America’s CISOs. Our own Terry Grogan voiced her opinion in a new article for CSO digital magazine. What she “really, really wants” is a trusted security partner, not a sales pitch. Read it here
During the Jewish holiday of Passover, it’s traditional for the youngest child to ask the four questions, seeking to understand the symbolism behind the story of the exodus from Egypt. “Ma Nishtana” they ask in Hebrew. Why is this night different from all other nights? That phrase popped into my head as the Colonial…
Details
Kevin Mitnick, Adrian Lamo, Albert Gonzalez, Mathew Bevan, and Richard Pryce. Are these guys household names in your household? These five (and dozens of others), are among the most notorious hackers on the planet, people who spark fear into the hearts and minds of the most sophisticated technology organizations on the planet. These online villains…
Details
I know, I might be accused of heresy for even bringing it up. But the statistics are so alarming these days, it’s a discussion that needs to be held at the very highest level of every healthcare organization in America. For security’s sake, isn’t it time to get rid of email? There, I’ve said…
Details
After a week of dealing with attacks on Microsoft Exchange servers, I got in my car, turned on the radio, and heard that classic song by the Talking Heads. David Byrne says he wasn’t really singing about a house on fire but instead, about breaking free from whatever was holding you back. And I thought……
Details
Recently, a fellow CISO asked a group of us if we “punished employees who consistently failed to recognize phishing emails.” This created a great discussion with most folks agreeing that punishment rarely works and often has negative effects (including potential for legal action). After all, hackers take advantage of people’s willingness to be helpful or…
Details
Talk to any Chief Information Security Officer and they’ll tell you that the weakest link in their organization is always the individual. Take smartphones for example. They’re designed with security in mind but that protection is compromised each and every day. 70 million smartphones are lost each year, with only 7 percent recovered Users are…
Details
The “bad guys” constantly look for ways to trick users into giving up information or download malicious software that will steal information. One of the easiest ways for them to do this is to get you to click on links that show up using a search engine. Given the popularity of Google search, bad actors…
Details