Most users think they’re savvy enough to shop securely online, but even the most security-minded and Internet-knowledgeable shoppers have been duped when making business purchases. Wise users need to overcome their over-confidence and brush up on online shopping best practices to avoid getting taken by a suave scammer.
Read MoreA reformed cyber-criminal who popularized the term “social engineering attack” famously pointed out that “it is far easier to trick someone into handing over, say, their password than to go to the trouble of hacking them.” This approach has taken hold in the cyber-crime world, with social engineering and phishing attacks—when an attacker poses as an authority figure via email or a website to trick a victim into divulging sensitive data—costing businesses $676 million in 2017, according to the FBI. Now an even simpler attack is gaining traction.
Read MoreOn average, a ransomware attack costs a company $5 million, resulting in system downtime and productivity loss. There has also been a noticeable increase in the reach of compliance requirements. With the cost of cyber-attacks skyrocketing, it’s critical to re-examine how cybersecurity resources are being allocated. These 2019 trends build upon classic security best practices with a focus on next-generation implementation, adoption, and technologies.
Read MoreIf you check for the green padlock symbol in your browser to ensure you’re accessing a safe and legitimate site, you’re not alone. According to a 2018 PhishLabs survey, more than 80% of those surveyed thought the green padlock in the address bar guaranteed the legitimacy/safety of a website. The reality is the padlock doesn’t mean the site is legitimate and it doesn’t mean you’re safe from hackers.
Read MoreMany people have developed a psychological picture of what a cyber-attack consists of. There’s a tendency to assume a complex, thrilling attack is executed by highly-technical individuals who have penetrated a network to access ironclad sensitive data. The reality, however, is much different.
Read MoreIn this age of digital transformation, IT staff are under incredible pressure to keep up with the breakneck speed of new technology adoption, implementation, and management while trying to maintain usability, productivity, and efficiency. With this reality, something has got to give, and oftentimes what falls off the radar are security tasks.
Read MoreLife is hectic. As a result, we all look for ways to eliminate inconvenience, ease our stress levels, and save precious time. However, some comforts might come at too high of a price. Unfortunately, the auto-fill function on your browser might be a more of a risky convenience than most people realize. For years, security insiders have argued the dangers of the auto-fill function: the handy tool that automatically provides your name, address, phone number, and such for web page forms. It turns out, they are right.
Read MoreThe Global State of Information Security 2018 found that the top source of security incidents (30%) are current employees, and the next highest threat category is former employees (26%), beating out unknown hackers and competitors. The threat from inside is very real.
Read MorePhishing has become a well-known term, even showing up in prime-time commercials and rolling off the tongue of tech-savvy, scam-weary seniors. Despite the widespread awareness of phone, email, and even in-person phishing scams, new and creative attacks remain the bane of security staff. The latest phishing threat gaining traction? Cloud-based documents.
Read MoreIt happens all too often. Imagine a Human Resources (HR) assistant receives an email from the CFO requesting an update to the companies account and routing number. The email appears to be legitimate and the diligent employee rushes to handle the CFOs request only to discover later it was a phishing email. These types of social engineering attacks have become increasingly sophisticated and difficult to detect. So what are your employees supposed to do?
Read MoreHealthcare data is becoming a more and more common target for cyberattacks. Forrester Research warned a year ago that “healthcare breaches will become as large and common as retail breaches,” further predicting the Anthem breach that reached 80 million patients as a commonplace occurrence in the future. In this environment, organizations that handle sensitive health data are struggling to balance the need for better collaboration and record-keeping among trusted partners with the need to maintain strong security practices and meet compliance regulations.
Read MoreNot so long ago, medical devices required only physical security considerations—only those who had access to the device could access the device’s data. However, through the Internet of Things (IoT), medical devices’ connectivity to the cloud has put them in the cross-hairs of cyber attackers.
Read MoreThere’s a skills-gap and specialist shortage in the cybercrime industry. You read that correctly. Cybercriminals are looking for new recruits to fill positions in the rapidly growing cybercrime as a service (CaaS) industry. Although it sounds like something out of a low-budget science fiction flick, CaaS is very real and thriving.
Read MoreAs the number of firms that handle patient health care data grows, it has become increasingly more challenging to ensure that data is current, accurate, and correctly matched to the patient. To address this patient-matching problem, the Office of the National Coordinator for Health Information Technology (ONC) has collaborated with the CMMI Institute to develop the Patient Demographic Data Quality (PDDQ) Framework.
Read MoreA recent report from Nielson predicts credit card fraud will result in more than $31 billion in losses by 2020. And, e-commerce fraud attacks increased by more than 30% from 2016 to 2017, according to credit reporting agency Experian. So how are attackers getting away with fraud and how can you protect your business credit cards?
Read MoreSince May 25, when the European Union (EU) began enforcing the General Data Protection Regulation (GDPR), companies of all sizes and across industries have been working to ensure they are in compliance. This scramble has been apparent externally through the updated privacy policy and opt-in messages on websites, but are businesses doing enough internally to protect the security of the personal data they handle?
Read MoreOnline banking has been ubiquitous for some time—and cybersecurity attacks that target business’ banking information are just as common. Stories of companies large and small that have had their banking data and accounts compromised date back to the beginning of online banking. Are you taking all the necessary steps to protect your company’s banking assets?
Read MoreWith General Data Protection Regulation (GDPR) enforced as of May 25, 2018, many healthcare organizations (HCOs) in the United States are working to determine whether they need to be GDPR compliant and whether Health Insurance Portability and Accountability Act (HIPAA) compliance is enough.
Read MoreIn an October 2016 data breach, the email addresses, phone numbers, and names of 57 million customers and personal information of approximately 7 million drivers was stolen from Uber. Although the company immediately worked to secure the data and prevent further unauthorized access, the data breach went unreported to authorities and victims for more than a year, with the company finally coming forward toward the end of 2017. Uber has openly stated that it mishandled the situation, but the attack and response raises the question: How long do companies have to notify regulating bodies and those affected when a data breach occurs?
Read MoreWith the May 25, 2018, enforcement deadline approaching, many businesses are wondering how the General Data Protection Regulation (GDPR) will affect them. Briefly, the GDPR is a joint effort from the Council of the European Union (EU), the European Commission, and the European Parliament to better protect citizens’ personal data, give them greater control over how companies handle and use their personal data, and make it easier for companies to comply with this single personal data oversight regulation.
Read More
