Self Improvement Site
On The Internet! Take the Self Improvement Tour
On The Internet! Take the Self Improvement Tour
Articles from Michael Peters | Selfgrowth.com
- Third-Party Breaches: How Secure are Your Vendors? - by Submitted on Jul 21, 2017 from Michael PetersVerizon, Trump Hotels, and the RNC are Among the Recent Victims of Third-Party Breaches Even if your own cyber security is up to snuff, your organization could be at risk of third-party breaches if your business partners are not as diligent as you are. Verizon just learned this lesson the ...
Views: 958 - What Your Cloud Business Needs to Know About SOC 2 Certification - by Submitted on Jan 25, 2019 from Michael PetersAs cyber threats present greater risks to enterprises of all sizes and in all industries, more are requiring that their SaaS providers and other cloud services vendors have an SOC 2 certification. Let’s examine what an SOC 2 certification is and why your cloud services business should get ...
Views: 957 - Proactive Cyber Security Tips for a Secure Cloud Migration - by Submitted on Nov 03, 2017 from Michael PetersEnsure a secure cloud migration with these simple, proactive cyber security tips Enterprises have much to gain by migrating to the cloud, which is why the U.S. government has adopted a “cloud-first” initiative. Cost savings and the ability to scale up and down quickly as organizational needs ...
Views: 956 - The 7 Cyber Attacks That Defined 2017 - by Submitted on Dec 15, 2017 from Michael PetersCyber criminals upped their game in 2017, launching everything from cryptocurrency thefts to international ransomware attacks. Here, we examine seven of the worst cyber attacks of 2017. 1. The Equifax Breach Any list of the worst cyber attacks of 2017 would be remiss if it did not include ...
Views: 956 - HBO Hack Underscores the Growing Threat of Digital IP Theft - by Submitted on Aug 16, 2017 from Michael PetersHBO Hack Targeted Valuable Intellectual Property and Company Secrets Corporate espionage and the theft of intellectual property and company secrets have gone cyber. The latest victim is cable network HBO and its flagship series Game of Thrones. The HBO hack, perpetrated by a hacker or group ...
Views: 955 - 6 Tips for Writing a GDPR-Compliant Privacy Policy - by Submitted on May 17, 2018 from Michael PetersWe’re down to the wire now; the GDPR compliance deadline is next Friday, May 25. As organizations scramble to get ready for the most far-reaching data privacy law ever put on the books, consumers’ email inboxes are being inundated with notices of privacy policy updates. In addition to ...
Views: 951 - Business Email Compromise Losses Top $12 Billion Globally, Says FBI - by Submitted on Jul 20, 2018 from Michael PetersGlobal losses from business email compromise scams, a highly sophisticated form of phishing, grew by 136% between December 2016 and May 2018 and now exceed $12 billion, according to a public service announcement released by the FBI. What Is a Business Email Compromise Scam? A business ...
Views: 950 - Medical Device Security Is Largely Nonexistent - by Submitted on May 31, 2017 from Michael PetersA new report by Synopsys and the Ponemon Institute finds that medical device security is plagued by a lack of standards, testing, and accountability. Healthcare organizations tend to focus their cyber security efforts on HIPAA compliance, protecting patient data, and defending against ...
Views: 944 - Proactive GRC Can Prevent AWS Security Breaches - by Submitted on Sep 07, 2017 from Michael PetersGovernance, risk, and compliance should be at the heart of AWS security procedures Another day, another AWS security breach, and this one is particularly bad because of the extraordinarily sensitive nature of the data that was compromised: Over 9,000 documents containing personal data on job ...
Views: 944 - POS Data Security an Issue as Fast-Food Restaurants Automate Ordering - by Submitted on Apr 10, 2017 from Michael PetersThe next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising minimum ...
Views: 940 - U.S. Federal Task Force Urges Proactive Healthcare Cyber Security - by Submitted on Jun 09, 2017 from Michael PetersThe Healthcare Industry Cybersecurity Task Force’s report on healthcare cyber security echoes a similar study on medical device security issued by Synopsys and the Ponemon Institute. On the heels of a damning study by Synopsys and the Ponemon Institute, which provides a blow-by-blow ...
Views: 939 - SEC Hack: Wall Street’s Top Regulator Breached - by Submitted on Sep 29, 2017 from Michael PetersThe SEC hack has pitched the international finance world into turmoil as Wall Street's top regulator admits to not having secured its own systems. Move over, Equifax; the SEC hack may have just stolen your thunder. Less than two weeks after Equifax disclosed that it had been breached, ...
Views: 936 - The WPA3 WiFi Security Standard: What Your Enterprise Needs to Know - by Submitted on Aug 21, 2018 from Michael PetersAccording to the Wi-Fi Alliance, there are now more IoT devices than there are humans on Earth, and over 50% of internet traffic travels through wireless networks. As people’s dependence on connected devices has grown, free public WiFi has become insanely popular, but it’s also insanely ...
Views: 933 - NIST 800–171 Compliance: A Guide for Government Contractors - by Submitted on Oct 14, 2018 from Michael PetersIf your company is part of the federal supply chain, you likely need to comply with NIST 800–171. NIST 800–171 compliance applies to contractors for the DoD, GSA, NASA, and other federal and state agencies; universities and research institutions that accept federal grants; consulting firms with ...
Views: 932 - Tips for Combating Shadow IT Usage in the Enterprise - by Submitted on Oct 18, 2018 from Michael PetersShadow IT is a very serious and growing threat to IT compliance and cyber security, and most organizations have no idea how common it really is. This article will examine some of the risks of shadow IT and discuss ways in which organizations can curb it. What Is Shadow IT? Shadow IT refers ...
Views: 930 - Many U.S. Companies Unaware that the GDPR Applies to Them - by Submitted on May 02, 2018 from Michael PetersWith just over three weeks to go until the May 25, 2018, deadline, many U.S. companies are woefully unprepared for the EU’s new General Data Protection Regulation, or GDPR. In fact, quite a few of them don’t yet realize they have to achieve GDPR compliance. A new survey by CompTIA found that “A ...
Views: 927 - What is HIPAA Compliance? - by Submitted on Apr 09, 2017 from Michael PetersConfused about HIPAA and whether your business must comply with it? This article will explain HIPAA and the importance of complying with this complex federal law. What is HIPAA? HIPAA is the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President ...
Views: 927 - #MeToo Prompts Employers to Review their Anti-Harassment Policies - by Submitted on Feb 28, 2018 from Michael PetersThe #MeToo movement, which was birthed in the wake of sexual abuse allegations against Hollywood mogul Harvey Weinstein, has shined a spotlight on the epidemic of sexual harassment and discrimination in the U.S. According to a nationwide survey by Stop Street Harassment, a staggering 81% of ...
Views: 924 - Thousands of Websites Infected in Massive Cryptojacking Attack - by Submitted on Feb 15, 2018 from Michael PetersThousands of websites, including government sites in the United States, the U.K., and Australia, were ensnared in an international cryptojacking scheme, The Register reports: The affected sites all use a fairly popular plugin called Browsealoud, made by Brit biz Texthelp, which reads out ...
Views: 922 - Get Ready for Greater SEC Cyber Security Enforcement - by Submitted on Jul 12, 2017 from Michael PetersSEC cyber security enforcement is set to intensify in light of recent global attacks and new enforcement chiefs Public companies and firms operating in regulated industries, especially finance, should expect more SEC cyber security enforcement in the wake of new and emerging threats, like ...
Views: 921 - DNC Email Hack Highlights Need for Proactive Email Security - by Submitted on Apr 18, 2017 from Michael PetersThe NSA isn’t the only Washington organization being embarrassed by a data breach. The sorry state of cyber security in America has taken center stage in this year’s presidential election. In June, it was discovered that Russian cyber criminals had managed to hack the Democratic National ...
Views: 918 - Yahoo Hack Was the Result of Years of Poor Cyber Security Practices - by Submitted on Apr 14, 2017 from Michael PetersFor Years, Yahoo Put Usability Ahead of Cyber Security The massive Yahoo data breach, which compromised 500 million user accounts and put its acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times ...
Views: 915 - NIST Privacy Framework Under Development to Complement NIST CSF - by Submitted on Oct 05, 2018 from Michael PetersCiting the success of its cybersecurity framework and the advent of IoT devices, artificial intelligence, and other technologies that are making it more challenging than ever for enterprises to protect their customers’ privacy, NIST has launched a collaborative project to develop a voluntary ...
Views: 914 - Cloud Security: Understanding SOC 2 Type 2 Attestations - by Submitted on Sep 18, 2018 from Michael PetersWe are living in a cloud-first world; cloud services, including storage services and SaaS providers, are wildly popular. Unfortunately, third-party vendor breaches are at epidemic levels, and new regulations such as the EU GDPR are seeking to hold organizations accountable if third-party ...
Views: 910 - Four Takeaways from the WannaCry Ransomware Attacks - by Submitted on May 24, 2017 from Michael PetersThe recent WannaCry ransomware attacks put cyber security on the front page of every newspaper in the world. Now, everyone knows what ransomware is and how destructive it can be, but will anything change? Following are four critical lessons that both organizations and individuals should take ...
Views: 910 - Social Media Security and the Trump Twitter Account Incident - by Submitted on Nov 15, 2017 from Michael PetersSocial Media Security Matters; Just Look at the Trump Twitter Account Debacle Last week’s Trump Twitter account incident – where the president’s Twitter feed was deactivated for 11 minutes – was fodder for many late-night television jokes. All kidding aside, though, enterprise social media ...
Views: 906 - Mirai DDoS Attacks Illustrate Vulnerability of IoT Devices - by Submitted on Apr 18, 2017 from Michael PetersIoT manufacturers should take heed from the recent Mirai DDoS attacks. Late last year, a widespread attack on Dyn DNS “Managed DNS” infrastructure wreaked havoc across the internet and brought down a number of major websites, including PayPal, Twitter, Amazon, Netflix, GitHub, and Reddit. ...
Views: 900 - It’s Time to Get Serious About Education Cyber Security - by Submitted on Apr 06, 2017 from Michael PetersK-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as other industries, as these recent incidents illustrate: • In November 2016, Columbia County School District in Georgia admitted to a breach of ...
Views: 897 - What Is RegTech, and What Can It Do For You? - by Submitted on Apr 19, 2017 from Michael PetersHow RegTech Simplifies Governance, Risk, and Compliance Complying with standards such as HIPAA, PCI DSS, FISMA, and SSAE 16 SOC reporting is complex, costly, and time-consuming, especially for organizations that must comply with multiple standards. You may have heard the term “RegTech” ...
Views: 897 - What is PCI DSS Compliance? - by Submitted on Apr 10, 2017 from Michael PetersConfused about PCI DSS compliance and what your business needs to do to comply with it? This article will explain PCI DSS and the importance of complying with this important information security standard. What is PCI DSS? PCI DSS stands for the Payment Card Industry (PCI) Data Security ...
Views: 892 - Post Equifax, New Data Breach Notification Laws are Inevitable - by Submitted on Jan 12, 2018 from Michael PetersThe U.S. Securities and Exchange Commission plans to update its six-year-old guidelines regarding data breach notification and cyber risk disclosure, Bank Info Security reports: The agency has indicated that it expects to refine guidance around how businesses disclose cybersecurity risks to ...
Views: 888 - States Worry About Election Hacking as Midterms Approach - by Submitted on Feb 21, 2018 from Michael PetersState officials expressed grave concerns about election hacking the day after Special Counsel Robert Mueller handed down indictments of 13 Russian nationals on charges of interfering with the 2016 presidential election. The Washington Post reports: At a conference of state secretaries of ...
Views: 888 - Cyber Security Best Practices for a Sustainable Digital Transformation - by Submitted on Jun 13, 2018 from Michael PetersThe rise of ecommerce, particularly mobile ecommerce, has fundamentally altered both consumer and business buying habits. Organizations are embracing digital transformation in an effort to appease modern buyers and enhance the customer experience while cutting costs and improving efficiency. The ...
Views: 887 - Understanding the NIST Cybersecurity Framework (NIST CSF) - by Submitted on Aug 08, 2018 from Michael PetersLast week, the NIST Small Business Cybersecurity Act (S. 770) passed the U.S. Senate and was sent to the White House, where the president is expected to sign it into law shortly. The bipartisan measure directs NIST to provide resources to small businesses to help them implement the NIST ...
Views: 886 - 5 Ways to Protect Your Retail Store from Data Breaches - by Submitted on Apr 18, 2017 from Michael PetersBoth brick-and-mortar and ecommerce retail stores make attractive targets for hackers, especially during the holidays. Retail stores are favorite targets of cyber criminals, especially during the holiday shopping season, when brick-and-mortar and ecommerce stores are flooded with customers, ...
Views: 885 - UC Berkeley Offers Cyber Security Advice to Donald Trump - by Submitted on Apr 18, 2017 from Michael PetersIn a new report, UC Berkeley’s Center for Long-Term Cybersecurity offers suggestions to President Elect Trump. Now that the election is over, the nation’s attention has turned to President Elect Donald Trump and what a Trump Administration will mean for cyber security. Notably, information ...
Views: 872 - How to Protect Your Organization From Malicious Insiders - by Submitted on Apr 18, 2017 from Michael PetersNo organization wants to think that one of its own trusted employees is out to get the firm. However, a study by Intel found that 43% of data losses are the result of “internal actors” – and about half of these incidents were due to the intentional acts of malicious insiders, not accidents or ...
Views: 871 - Uber Breach Gets Worse: Company Accused of Cyber Spying - by Submitted on Dec 21, 2017 from Michael PetersThe Uber breach, which compromised the data of 57 million drivers and customers worldwide, has just gone from bad to worse. Not only did the company wait for a year to disclose the hack, it scrambled to cover it up by forking over $100,000 in hush money to the hackers – which it funneled through ...
Views: 871 - Proactive Cyber Security Can Prevent Vote Hacking - by Submitted on Apr 18, 2017 from Michael PetersIn a heated political climate, even the appearance of vote hacking could threaten our nation’s democracy. The most contentious issue this election season may not be immigration or minimum wage laws but cyber security; specifically, the specter of vote hacking. Shortly after the discovery that ...
Views: 870 - WannaCry Ransomware Attack Forcing Everyone to Pay Attention to Cyber Security - by Submitted on May 18, 2017 from Michael PetersThe WannaCry ransomware attack was the end result of years of ignorance on the part of governments, private-sector firms, and the public regarding how serious cyber threats have become. The 2016 Shadow Brokers NSA hack came home to roost in a big way last week, when a code execution ...
Views: 870 - HIPAA Compliance Does Not Equal Data Security - by Submitted on Apr 14, 2017 from Michael PetersHealthcare is one of the most regulated industries in the U.S. HIPAA, or the Health Insurance Portability and Accountability Act of 1996, requires healthcare organizations and their third-party service providers, such as labs and billing companies, to have data security measures in place protect ...
Views: 868 - What a Trump Administration Means for Cyber Security - by Submitted on Apr 18, 2017 from Michael PetersWhat will the state of cyber security look like under a Donald Trump administration? The election is over, the votes have been counted, and thankfully, other than a few isolated reports of malfunctioning voting machines, Election Night was unremarkable from a cyber security perspective. Now, ...
Views: 868 - How to Protect Your Enterprise & Yourself from Phishing Attacks - by Submitted on May 30, 2018 from Michael PetersPhishing attacks are big business. The FBI estimates that business email compromise, a highly targeted form of phishing, costs U.S. businesses half a billion dollars a year, and the Verizon 2018 Data Breach Investigations Report found that 90% of cyber attacks began with a phishing ...
Views: 866 - GDPR Compliance Issues Could Cause WHOIS Directory to Go Dark - by Submitted on Apr 25, 2018 from Michael PetersThe deadline for compliance with the EU’s General Data Protection Regulation (GDPR) is fast approaching, and an astounding number of organizations are woefully unprepared to meet it. A new survey of IT decision-makers by Crowd Research Partners found that a whopping 60% of organizations will ...
Views: 865 - ICS Security: 3 Reasons Why Air Gapping No Longer Works - by Submitted on Jun 06, 2018 from Michael PetersThere has never been a power outage in the U.S. due to a cyber attack, but it happened in Ukraine over the Christmas holidays in 2015, and there have been attempts to breach U.S. power companies and hack the power grid. In March, the U.S. Department of Homeland Security issued an alert ...
Views: 862 - Spear Phishing: Don’t Take the Bait! - by Submitted on Apr 06, 2017 from Michael PetersDon’t let your business get caught on a spear phisher’s hook. Like regular phishing, spear phishing involves sending legitimate-looking but fraudulent emails asking users to provide sensitive information and/or initiate wire transfers. However, while regular phishing emails are sent out en ...
Views: 862 - The NSA Hack and the Sorry State of Cyber Security - by Submitted on Apr 18, 2017 from Michael PetersIn the hit USA Network series Mr. Robot, a rogue group of hacktivists target major corporations and the government. In a recent episode, the group enlists the help of a malicious insider to hack the FBI. Sound far-fetched? Maybe not: Around the same time this episode aired, an anonymous group of ...
Views: 862 - Penetration Tests vs. Vulnerability Scans: Understanding the Differences - by Submitted on Sep 19, 2018 from Michael PetersThe difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the similarities ...
Views: 860 - Top Cyber Threats Organizations Are Facing Right Now - by Submitted on Jul 26, 2018 from Michael PetersCyber security is a continuous game of Spy vs. Spy. Every time a new technology is introduced, the potential attack surface expands. The moment one vulnerability is patched, hackers find another way in. Keeping up can feel overwhelming, even for security professionals. In no particular order, ...
Views: 851 - What You Need to Know About GDPR Compliance - by Submitted on Dec 01, 2017 from Michael PetersThe deadline for GDPR compliance is right around the corner; is your company ready? Here’s what you need to know about this important new data protection law and what your organization must do to prepare for it. What is GDPR? The General Data Protection Regulation, or GDPR, was adopted by ...
Views: 849