Is there true accountability for technology investments? Consider past investments for InfoSec as another possible cause for waning support.  Over the past 5 years, the InfoSec industry has been flush with security technology spending driven a crowded product marketplace.  While most technologies are built on sound principles for reducing risk, they require process definition and...Read More

As a consulting firm that works with Information Security (InfoSec) leaders at a variety of organizations, there is a disturbing trend that has evolved in the past year.   Many of them are looking for new jobs (at other companies) or considering leaving the profession altogether.  In a field that is already short on good talent…why...Read More

The old saying is something like this: Passwords are like underwear. You should change them often, you shouldn’t share them and they should be mysterious. In other words, your password should be a total mystery to everyone else. With more and more of your daily activities being transitioned to the internet, your password is just...Read More

Use Secure Connections/VPN When offered a choice between connecting to an unsecured network vs. a secured network, always choose the latter.  The ease of connecting to an unsecured network is enticing at times, but logging in with credentials always pays off.  If no secured network is available, use a Virtual Private Network, or VPN, to...Read More

While it may not be a question of when but more one of why, information security is heading down a path that needs metrics to thrive.  An interesting question when you consider that, the timeline for information security as a discipline is quite short; the young age of our industry translates into immature practices that...Read More

County System Hacked Just last week, county officials in Bingham County, Idaho, reported a large scale attack on their system.  County employees discovered inaccessible encrypted files on their servers, followed by a prompt demanding a ransom in exchange for Bingham County’s data. Ransomware attacks of this size were frequently reported in 2016, but stipulated payment...Read More

The amount of data in the world is doubling every year, predicted to surpass 44 zettabytes, abbreviated ZB, up from 4.4 ZB in 2014. For reference, 1 ZB is equivalent of 1 trillion GB.  With this massive amount of data comes an increased difficulty to secure, store, and make sense all of it. More specifically,...Read More

Ransomware’s launch in 2016 quickly created a billion-dollar business which many experts believe will continue to dominate the security threat landscape in 2017. Ransomware is a type of malware installed on a computer or server that encrypts files, making them inaccessible until a specified ransom is paid. These ransoms are typically demanded in bitcoin, an...Read More

Healthcare providers face rigorous challenges when it comes to delivering quality patient care.  Aging patient segments, evolving insurance regulations, and increasing security requirements are just a few of the variables contributing to these challenges.   Until recently, protecting medical devices was not on the list of items to address. Things have changed.   The rapid evolution of...Read More

Ransomware by definition is a type of malicious software designed to block access to a computer system until a sum of money is paid. Although this form of cyber threat has been around for years, the healthcare industry has experienced a well-publicized surge of ransomware attacks. We live in a data-driven world. Ransomware is a...Read More