It’s no secret that healthcare organizations are constantly in the crosshairs of cyber criminals. One of the reasons healthcare records are 30 times more valuable than financial records is because they contain full identity profiles – including your social security number which is the gateway to acquiring any and all of your personal information. According to data gathered by the United States...

The terms “hacking” and “hackers” often get a bad reputation. This tends to have a fairly negative connotation because of the nature these words are often used in. I’d like to think I’m not alone in envisioning some scary guy hanging out in a dark room in a black hoodie trying to break into my bank to steal my credentials or money for that matter. The way we perceive and hear “hacker” in the media...

Before I start, I need to come clean and tell you that I love enterprise software. Weird? Maybe. However, after working in the industry for many years and for many different companies, enterprise software is the basis for what drives business. Whether it’s your CRM, ERP or cyber security – it all starts with enterprise software.I have worked in product management, marketing and operations over the...

As with most anything in life, you want to set SMART goals. Setting goals that follow this guideline (Specific, Measurable, Achievable, Relevant and Time-bound) allows you to form hypotheses and set firm parameters around your work and what potential outcomes to expect. This is no different for the Red Team whose sole purpose is to test the security measures currently in place and test how to...

You can have all the tools in place: firewalls, security programs, routinely updated passwords and security team members. But that still might not be enough. We advocate for increased employee security awareness training as well as maintaining the patches and updates required for programs to run at full steam. Cyber security threats aren’t going away – if anything they’re increasing in size and...

Zombie accounts, also known as abandoned accounts, are user accounts left with no verifiable owner. This happens most often when someone leaves your company and their access to a certain application is never terminated. In a perfect world, the person that leaves you would never try and get back into your system for any reason. However, our world is not perfect. Instead, we have rogue players who...

*As used previously in GCN.com As governments look for more ways to reduce costs, electronic payments have become an economical method of purchase. Using credit or debit cards reduces the time it takes to receive funds, is less error-prone and makes it easier for residents to pay. Any agency that stores, processes or transmits card data must comply with the Payment Card Industry Data Security...

The Equifax breach was caused by a vulnerability. The WannaCry virus exploited a vulnerability. The stories don’t seem to end but it seems like no one is talking about how to solve this problem which is: start a vulnerability management program. “Manage the vulnerabilities in my network? Sounds easy” well, not so much, but not so difficult that you shouldn’t be spending time and resources on it....

Let's talk about actual tactics you can put in place to start building or improving your vulnerability management program. Step 1: Set Smart Goals“To better mitigate risk” is not a goal. Everyone wants to mitigate risk and that’s why your organization has a security team. In order to set a goal for your vulnerability management program, you have to first understand what assets you have that need...

Welcome to part two of our series on building a vulnerability management program. Today we go through steps three and four of our build but if you missed last week, you can catch up here. Step 3: PatchingYou’ve got your list of vulnerabilities from your scanner and now your vulnerability management solution has prioritized them all so the next step in this process is to start fixing your problems...

Safeguard Your Infrastructure and Data

Are you ready to reduce the risk of insider threats in your organization?