Research, news and updates on cybersecurity and fraud
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
A Portal to Danger With the pandemic in 2020, it’s safe to say that healthcare changed forever. While many hospitals and care facilities had previously been distant to overhaul their telehealth services, the need for locked-down health facilities quickly shifted priorities. Patient portals rapidly became more common as they serve as a way for patients to communicate with providers, receive …
The Safeguards Rule A recent SEC ruling could inform future cybersecurity cases relating to how financial investment firms must secure their users’ personal accounts. In enforcement actions taken against eight different firms, the SEC announced on August 30, 2021, that each firm had violated the ‘Safeguards Rule’ for failing to protect against account takeover. Rule 30(a) of Regulation S-P, commonly known as the …
One Layer Isn’t Enough The Cybersecurity and Infrastructure Security Agency (CISA) in the United States recently announced adding single-factor authentication to their list of Bad Practices. CISA’s Bad Practices list contains a collection of exceptionally risky cybersecurity practices. Although intended for all industries, the practices listed are considered especially dangerous in organizations that support critical infrastructure or National Critical Functions (NCF). …
The City of Paso Robles, located in San Luis Obispo County, California, is famous for its award-winning wines and relaxed atmosphere. As such, it’s no surprise that the City is a popular tourist destination, with Paso Robles included in Travel and Leisure magazine’s “25 Top Places to Visit for the Holidays” in 2015 and 2016. Located halfway between San Francisco …
People have been relying on password-based security for millennia. The Roman military reportedly used what they called “watchwords” to identify soldiers on patrol. Exclusive groups and guilds used secret passwords to prove membership. The phrase “open sesame” protected hidden treasure in the story of Ali Baba and the Forty Thieves. In more recent times, the world’s first computer passwords were installed …
The Motion Picture Association (MPA) is the leading advocate of the worldwide film, television and streaming industry. Founded in 1922, the company today is championing the growing diversity of filmmakers, safeguarding intellectual property, advancing technological innovation, and supporting trade policies that can further expand the global film and TV marketplace. With operations in North America, Asia Pacific, Latin America and …
Cracked Wide Open Over the past decade, the number of data breaches in almost all industries has skyrocketed. From healthcare to finance, user credentials have become both the tool of cyberattack and one of its primary targets. The 2021 Verizon DBIR report indicated that upwards of 61% of breaches involved leveraged credentials. Communicating clearly about the problem The Open Web Application …
Repercussions from the ongoing pandemic are still reverberating through workplaces all over the world. Businesses are racing to catch up with the changes they’ve had to make to accommodate remote workers, digitalization, and new cloud technologies. Many have let their cybersecurity practices fall to the wayside in a rush to evolve with the times. In a report by PwC, 64% …
The healthcare industry sector is increasingly the target of cybercriminals. According to the Health Insurance Portability and Accountability Act (HIPAA) Journal, over the past eleven years (2009-2020) there have been more than 3,705 healthcare data breaches impacting more than 268 million medical records. Why is this happening, and what can we do to address it? The Culprits Weak and Compromised …
Businesses often say that their people are their greatest asset. When it comes to cybersecurity, this statement is truer than you might think. A constantly shifting threat landscape means cybersecurity best practices should be on everyone’s mind, not just your CTO or CISO. When employees of all areas, from new hires to the executive suite, are equipped to understand and …
