Understand Risk to Evaluate Your Cyber Insurance Needs and Reduce Costs

Reports of data breaches and cyber attacks are all too commonplace. In recent news of the Heartbleed bug that has been discovered in OpenSSL encryption software, we see that even companies who are doing “everything right” can be open to unforeseen gaps in security that threaten their compliance and the integrity of vital systems. Cybersecurity Addressed by … Continued

How serious is the SSL/TLS FREAK vulnerability?

Freak vulnerability alerts from the Department of Homeland Security’s National Cybersecurity and Communications Integration Center are never good news. Discovered and reported this March 2015, the FREAK (Factoring Attack on RSA-EXPORT Keys CVE-2015-0204) is a weakness in some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients and servers.  The … Continued

Incident Response Success; How fast you react matters!

Fast Lane to Incident Response Success Is your incident response plan up to speed? Should your company suddenly face a data breach or a security incident, is your team prepared? If you do not have a documented, practiced plan you will find yourselves playing catch up which could greatly increase the resulting damage to the … Continued

HIPAA Audits Planned for 2015 are Still On Hold

We received news last week that HIPAA audits originally set to begin in late 2014 are going to remain on hold indefinitely. It is unclear why the audits have again been postponed or what this means for enforcement. But I would stress to our clients and readers that this only lessens your company’s risk of an audit (which … Continued

Don’t Let BYOD Mean “Bring Your Own Data Breach”

Letting employees work from their personal smartphone or tablet is not only convenient for you, it’s just a fact of life. Companies that try to restrict or limit BYOD or “bring your own device” for their employees often only serve to frustrate and hinder employees’ productivity. Ultimately, these devices are part of how we live and how … Continued

15 (Mostly) Easy Steps to Better IT Security in 2015

Your gym was probably full this morning. Maybe the line at the coffee shop was shorter. This is an interesting time of year. After weeks of busyness, stress, and jam-packed calendars, people are ready to sink back into a “normal” routine and many of us are determined to accomplish more, do better, and tackle new … Continued

Is this Breach the Scariest Thing We’ve Seen from Sony in a Long While?

News is not joyous for Sony this holiday season. Every day there is a new development, more leaked information, and now outright threats from the “Guardians of Peace” attackers who have taken over Sony’s network and systems. The dramatic developments have been fascinating but, if it doesn’t frighten you, consider being a Sony employee and … Continued

Your Employees Are VIPs – Valuable Information Possessors

Your employees are very important to cybercriminals who would like to gain access to your business or facility, your systems, and your client or patient data. Instances of phishing and social engineering attacks increased dramatically in 2014 and all indications are that we should expect more of the same in the new year. Businesses and … Continued

The Big Lesson to Learn from Security Breaches of 2014: Vigilance

As the weather turns colder (even here in Florida) and we head into the holiday season, it inevitable that we would reflect on the year that is winding down. It may seem early for an “end of the year” or 2014 recap post but, in IT security, the slew of bad news and high profile breaches that … Continued

Are Your Employees’ Passwords Secure?

Password security seems like common sense. If you work in IT or security, you hopefully employ common best practices consistently and understand the importance of good password habits. Research continues to show, however, that not everyone understands and applies such best practices. SplashData’s 2013 list of worst passwords still includes such obviously risky passwords such as 123456, … Continued

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!