Self Improvement Site
On The Internet! Take the Self Improvement Tour
On The Internet! Take the Self Improvement Tour
Articles from Michael Peters | Selfgrowth.com
- What Is Multi-Factor Authentication, and Why Is It So Important? - by Submitted on Aug 02, 2018 from Michael PetersOrganizations can no longer depend on passwords alone to protect their systems and data, especially since 25% of employees admit to using the same password for all of their accounts, at home and at work, and stolen account credentials are hackers’ preferred way to break into enterprise systems. ...
Views: 845 - Top Cyber Threats Organizations Are Facing Right Now - by Submitted on Jul 26, 2018 from Michael PetersCyber security is a continuous game of Spy vs. Spy. Every time a new technology is introduced, the potential attack surface expands. The moment one vulnerability is patched, hackers find another way in. Keeping up can feel overwhelming, even for security professionals. In no particular order, ...
Views: 851 - Business Email Compromise Losses Top $12 Billion Globally, Says FBI - by Submitted on Jul 20, 2018 from Michael PetersGlobal losses from business email compromise scams, a highly sophisticated form of phishing, grew by 136% between December 2016 and May 2018 and now exceed $12 billion, according to a public service announcement released by the FBI. What Is a Business Email Compromise Scam? A business ...
Views: 950 - Is the California Consumer Privacy Act the “American GDPR”? - by Submitted on Jul 12, 2018 from Michael PetersThe recent Exactis data leak, which could surpass Equifax in the sheer number and scope of records exposed, has data privacy advocates calling for an “American GDPR.” While it is unlikely that a federal data privacy law will come to pass anytime soon, some states have already taken matters into ...
Views: 965 - Nearly 340 Million Records Exposed in Exactis Data Leak - by Submitted on Jul 05, 2018 from Michael PetersLast week’s data leak at Exactis, a Florida-based marketing and data aggregation firm, has cyber security experts and data privacy advocates up in arms. WIRED reports: Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had ...
Views: 974 - Understanding the DMARC Email Security Protocol - by Submitted on Jul 01, 2018 from Michael PetersU.S. federal government agencies are required to use the email security protocol DMARC to prevent email spoofing, but the overwhelming majority of federal contractors either don’t have it installed or don’t have it set up properly. NextGov reports: Among the top 98 government contractors by ...
Views: 1067 - Tesla Breach Demonstrates the Importance of Industrial Cyber Security - by Submitted on Jun 20, 2018 from Michael PetersMassive data breaches are what grab headlines, but industrial cyber security attacks can be devastating in the real world. Tesla has just learned this lesson the hard way. CEO Elon Musk has accused a malicious company insider of altering product code, stealing data and exporting it to third ...
Views: 805 - Cyber Security Best Practices for a Sustainable Digital Transformation - by Submitted on Jun 13, 2018 from Michael PetersThe rise of ecommerce, particularly mobile ecommerce, has fundamentally altered both consumer and business buying habits. Organizations are embracing digital transformation in an effort to appease modern buyers and enhance the customer experience while cutting costs and improving efficiency. The ...
Views: 887 - ICS Security: 3 Reasons Why Air Gapping No Longer Works - by Submitted on Jun 06, 2018 from Michael PetersThere has never been a power outage in the U.S. due to a cyber attack, but it happened in Ukraine over the Christmas holidays in 2015, and there have been attempts to breach U.S. power companies and hack the power grid. In March, the U.S. Department of Homeland Security issued an alert ...
Views: 861 - How to Protect Your Enterprise & Yourself from Phishing Attacks - by Submitted on May 30, 2018 from Michael PetersPhishing attacks are big business. The FBI estimates that business email compromise, a highly targeted form of phishing, costs U.S. businesses half a billion dollars a year, and the Verizon 2018 Data Breach Investigations Report found that 90% of cyber attacks began with a phishing ...
Views: 866 - 6 Reasons to Stop Using Spreadsheets for GRC - by Submitted on May 24, 2018 from Michael PetersDespite the availability of modern GRC software, many organizations still use spreadsheets to conduct IT compliance audits and other GRC activities. While spreadsheets are highly useful for many business functions, especially accounting, they are not GRC tools. Depending on spreadsheets to ...
Views: 1006 - 6 Tips for Writing a GDPR-Compliant Privacy Policy - by Submitted on May 17, 2018 from Michael PetersWe’re down to the wire now; the GDPR compliance deadline is next Friday, May 25. As organizations scramble to get ready for the most far-reaching data privacy law ever put on the books, consumers’ email inboxes are being inundated with notices of privacy policy updates. In addition to ...
Views: 951 - 5 Things to Know About Email Marketing and the GDPR - by Submitted on May 10, 2018 from Michael PetersEmail marketing is big business. MarTech Advisor reports that it is the best-performing channel for a company’s ROI, and 61% of consumers prefer to receive offers via email, as opposed to only 5% who prefer social media offers. However, many organizations are concerned about how the GDPR, the ...
Views: 990 - Many U.S. Companies Unaware that the GDPR Applies to Them - by Submitted on May 02, 2018 from Michael PetersWith just over three weeks to go until the May 25, 2018, deadline, many U.S. companies are woefully unprepared for the EU’s new General Data Protection Regulation, or GDPR. In fact, quite a few of them don’t yet realize they have to achieve GDPR compliance. A new survey by CompTIA found that “A ...
Views: 926 - GDPR Compliance Issues Could Cause WHOIS Directory to Go Dark - by Submitted on Apr 25, 2018 from Michael PetersThe deadline for compliance with the EU’s General Data Protection Regulation (GDPR) is fast approaching, and an astounding number of organizations are woefully unprepared to meet it. A new survey of IT decision-makers by Crowd Research Partners found that a whopping 60% of organizations will ...
Views: 865 - 2018 Verizon Data Breach Report: Ransomware Most Common Malware - by Submitted on Apr 19, 2018 from Michael PetersWhile cryptominers are on the rise, ransomware was the most prevalent form of malware in 2017, according to the 2018 Verizon Data Breach Report, released last week. Ransomware made its first appearance in Verizon’s 2013 report, and this is the second year in a row in which ransomware incidents ...
Views: 1141 - Best Practices to Prevent Supply Chain Cyber Attacks - by Submitted on Apr 12, 2018 from Michael PetersDue to globalization and outsourcing, enterprise supply chains are more intricate than ever. Most products are no longer manufactured by a single entity. Materials, components, and even final products pass through multiple hands before ending up in the hands of end users. Additionally, most ...
Views: 1318 - Cyber Security Lesson Brief from the Under Armour Breach - by Submitted on Apr 04, 2018 from Michael PetersLast week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach so far this year and ranks among the top five to date. It also ...
Views: 1121 - The 12 Biggest Cloud Security Threats Facing Your Organization - by Submitted on Mar 28, 2018 from Michael PetersCloud computing has opened up a world of opportunities for businesses, but it has also resulted in new cyber security threats. Some of these mirror the threats organizations have been combating on premises for years, while others are unique to the cloud. What are the top cloud security threats ...
Views: 963 - 10 Tips to Improve Employee Cyber Security Compliance - by Submitted on Mar 23, 2018 from Michael PetersYour organization’s people are your first line of defense against cyber criminals. Unfortunately, they’re also your weakest link. Insiders pose the biggest threat to cyber security in the healthcare industry, and only 13% of public sector employees “take personal responsibility for cyber ...
Views: 1114 - Employees Are Biggest Threat to Healthcare Data Security - by Submitted on Mar 15, 2018 from Michael PetersHealthcare data security is under attack from the inside. While insider threats — due to employee error, carelessness, or malicious intent — are a problem in every industry, they are a particular pox on healthcare data security. Two recent reports illustrate the gravity of the ...
Views: 1047 - Tax Phishing Scams Are Back: Here Are 3 to Watch Out For - by Submitted on Mar 07, 2018 from Michael PetersTax season is stressful enough without having to worry about becoming the victim of a cyber crime. Here are three different tax phishing scams targeting employers, individuals, and even tax preparers that are currently making the rounds. Employers: W-2 Phishing Emails The W-2 phishing ...
Views: 984 - #MeToo Prompts Employers to Review their Anti-Harassment Policies - by Submitted on Feb 28, 2018 from Michael PetersThe #MeToo movement, which was birthed in the wake of sexual abuse allegations against Hollywood mogul Harvey Weinstein, has shined a spotlight on the epidemic of sexual harassment and discrimination in the U.S. According to a nationwide survey by Stop Street Harassment, a staggering 81% of ...
Views: 924 - States Worry About Election Hacking as Midterms Approach - by Submitted on Feb 21, 2018 from Michael PetersState officials expressed grave concerns about election hacking the day after Special Counsel Robert Mueller handed down indictments of 13 Russian nationals on charges of interfering with the 2016 presidential election. The Washington Post reports: At a conference of state secretaries of ...
Views: 888 - Thousands of Websites Infected in Massive Cryptojacking Attack - by Submitted on Feb 15, 2018 from Michael PetersThousands of websites, including government sites in the United States, the U.K., and Australia, were ensnared in an international cryptojacking scheme, The Register reports: The affected sites all use a fairly popular plugin called Browsealoud, made by Brit biz Texthelp, which reads out ...
Views: 921 - Crypto-Mining Malware May Be a Bigger Threat than Ransomware - by Submitted on Feb 07, 2018 from Michael PetersCryptocurrencies such as Bitcoin and Ethereum have gone mainstream; it seems like everybody and their brother is looking to buy some crypto and get their piece of the digital currency gold rush. Hackers want a piece of it, too. In addition to hacking ICO’s and cryptocurrency exchanges, they’re ...
Views: 1025 - GSA Proposes Changes to Cyber Security Rules for Federal Contractors - by Submitted on Jan 31, 2018 from Michael PetersThe General Services Administration (GSA) is planning to tighten up federal contractor cyber security requirements regarding sensitive non-classified data, according to a Federal Register Notice dated January 12. The rules would cover internal contractor systems, external contractor systems, ...
Views: 817 - FINRA: Cyber Security Still a Major Threat to Broker-Dealers - by Submitted on Jan 26, 2018 from Michael PetersLatest FINRA Examination Findings Reveal That Firms Have Made Progress with Cyber Security, but Problems Remain Cyber security remains “one of the principal operational risks facing broker-dealers,” according to FINRA’s 2017 Examination Findings Report, and while progress has been made, many ...
Views: 814 - 5 Best Practices for Complying with SEC & FINRA Cyber Security Standards - by Submitted on Jan 19, 2018 from Michael PetersBoth the SEC and FINRA have indicated that they will put heavy emphasis on cyber security enforcement throughout 2018. While FINRA is explicit — among other things, it publishes a cyber security checklist and a detailed report on best practices — the SEC’s guidance is far more general. This ...
Views: 1132 - Post Equifax, New Data Breach Notification Laws are Inevitable - by Submitted on Jan 12, 2018 from Michael PetersThe U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to ...
Views: 888 - 5 Reasons Why Your Enterprise Should Put IRM Before GRC - by Submitted on Jan 05, 2018 from Michael PetersOver the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes beyond ...
Views: 1101 - Make These Cyber Security Resolutions for 2018 - by Submitted on Dec 28, 2017 from Michael PetersNow that the year is coming to an end, all eyes are on what’s possibly around the corner. More attacks on cryptocurrencies? An escalation in attacks by state-sponsored cyber criminals? Chaos as the EU’s GDPR is implemented? In cyber security, only one thing is certain: It’s a continuous game of ...
Views: 985 - Uber Breach Gets Worse: Company Accused of Cyber Spying - by Submitted on Dec 21, 2017 from Michael PetersThe Uber breach, which compromised the data of 57 million drivers and customers worldwide, has just gone from bad to worse. Not only did the company wait for a year to disclose the hack, it scrambled to cover it up by forking over $100,000 in hush money to the hackers – which it funneled through ...
Views: 871 - The 7 Cyber Attacks That Defined 2017 - by Submitted on Dec 15, 2017 from Michael PetersCyber criminals upped their game in 2017, launching everything from cryptocurrency thefts to international ransomware attacks. Here, we examine seven of the worst cyber attacks of 2017. 1. The Equifax Breach Any list of the worst cyber attacks of 2017 would be remiss if it did not include ...
Views: 956 - GDPR Compliance Means Transforming Your Data Governance - by Submitted on Dec 07, 2017 from Michael PetersOrganizations have until May 25, 2018, to comply with the EU’s new General Data Protection Regulation (GDPR). Arguably the most comprehensive, far-reaching data privacy law passed to date, the GDPR grants European consumers numerous new data privacy rights and places new data governance ...
Views: 979 - What You Need to Know About GDPR Compliance - by Submitted on Dec 01, 2017 from Michael PetersThe deadline for GDPR compliance is right around the corner; is your company ready? Here’s what you need to know about this important new data protection law and what your organization must do to prepare for it. What is GDPR? The General Data Protection Regulation, or GDPR, was adopted by ...
Views: 849 - Unencrypted Retail POS System Cited in Forever 21 Breach - by Submitted on Nov 25, 2017 from Michael PetersClothing retailer Forever 21 suffered a POS system breach in an undisclosed number of stores from March to October 2017, the company announced last week. The Forever 21 breach was discovered by a third party and involved hackers taking advantage of POS systems that were not encrypted. There ...
Views: 1092 - Compliance Automation Takes the Pain Out of the IT Audit Process - by Submitted on Nov 16, 2017 from Michael PetersAfter last year’s U.S. presidential election, many businesses eagerly awaited a new “era of deregulation” that would allegedly result in relaxed compliance requirements – and lower costs. Although some regulations have been relaxed or even repealed, IT compliance is as time-consuming and ...
Views: 1201 - Social Media Security and the Trump Twitter Account Incident - by Submitted on Nov 15, 2017 from Michael PetersSocial Media Security Matters; Just Look at the Trump Twitter Account Debacle Last week’s Trump Twitter account incident – where the president’s Twitter feed was deactivated for 11 minutes – was fodder for many late-night television jokes. All kidding aside, though, enterprise social media ...
Views: 905 - Proactive Cyber Security Tips for a Secure Cloud Migration - by Submitted on Nov 03, 2017 from Michael PetersEnsure a secure cloud migration with these simple, proactive cyber security tips Enterprises have much to gain by migrating to the cloud, which is why the U.S. government has adopted a “cloud-first” initiative. Cost savings and the ability to scale up and down quickly as organizational needs ...
Views: 955 - Why Cloud Service Providers Should Consider FedRAMP Certification - by Submitted on Oct 27, 2017 from Michael PetersThe Federal Risk and Authorization Management Program (FedRAMP) was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with cloud providers. Like FISMA, DFARS, CJIS, and HIPAA, FedRAMP’s security controls are based on NIST ...
Views: 807 - FISMA, FedRAMP, and NIST: Federal Compliance Demystified - by Submitted on Oct 19, 2017 from Michael PetersFISMA, FedRAMP, NIST, DFARS, CJIS, HIPAA … Government compliance standards can seem like a veritable alphabet soup. Making matters even worse, a lot of them overlap, and many organizations aren’t certain which standards they need to comply with. Even if your organization does not currently ...
Views: 1054 - Cyber Risk Management Lessons Companies Need to Learn Right Now - by Submitted on Oct 11, 2017 from Michael PetersDon’t want your company to be the next Yahoo, Equifax, Deloitte, or SEC? Don’t ignore cyber risk management. October is National Cyber Security Awareness Month in the U.S., which is quite fitting right now, being as barely a day is going by without yet another disclosure of a massive hack, ...
Views: 1006 - 5 Best Practices for Successful Cyber Security Outsourcing - by Submitted on Oct 06, 2017 from Michael PetersBy following these best practices, organizations can enjoy the benefits of outsourcing their enterprise cyber security, minimize the risks, and build fruitful, long-term relationships with trusted providers. With the cyber security skills gap making it extremely difficult or even impossible ...
Views: 1080 - SEC Hack: Wall Street’s Top Regulator Breached - by Submitted on Sep 29, 2017 from Michael PetersThe SEC hack has pitched the international finance world into turmoil as Wall Street's top regulator admits to not having secured its own systems. Move over, Equifax; the SEC hack may have just stolen your thunder. Less than two weeks after Equifax disclosed that it had been breached, ...
Views: 936 - Six Cyber Security Best Practices for People and Businesses - by Submitted on Sep 20, 2017 from Michael PetersHacks do not happen in a vacuum; if one computer on a network is compromised, all machines on that network are at risk. For this reason, both enterprises and individuals have a responsibility to implement cyber security best practices – and this does not mean installing anti-virus software and a ...
Views: 1018 - Equifax Breach Compromises Half of U.S. Population - by Submitted on Sep 15, 2017 from Michael PetersThe Equifax breach isn’t the largest data breach, but it is one of the most troubling because of its massive scope, the nature of the information stolen, and the absolutely awful way in which it was handled. While Hurricane Irma dominated the national news late last week, a man-made disaster ...
Views: 1492 - Proactive GRC Can Prevent AWS Security Breaches - by Submitted on Sep 07, 2017 from Michael PetersGovernance, risk, and compliance should be at the heart of AWS security procedures Another day, another AWS security breach, and this one is particularly bad because of the extraordinarily sensitive nature of the data that was compromised: Over 9,000 documents containing personal data on job ...
Views: 944 - 3 Best Practices for AWS S3 Security - by Submitted on Aug 30, 2017 from Michael PetersSeveral high-profile breaches involving misconfigured Amazon Web Services servers have made the news. Here are three best practices to ensure AWS S3 security. Amazon Web Services (AWS) is the undisputed leader in the cloud services market. Large and small organizations alike flock to AWS ...
Views: 1258 - HBO Hacks Indicate a Company in Cyber Security Crisis - by Submitted on Aug 26, 2017 from Michael PetersHacks in the City: Latest in String of Attacks at HBO Targets Company’s Social Media Accounts HBO has had a rough summer, and things are getting progressively worse for the cable titan. The HBO hacks began in late June, when an individual hacker or group calling themselves “Mr. Smith” dumped ...
Views: 1027