Self Improvement Site
On The Internet! Take the Self Improvement Tour
On The Internet! Take the Self Improvement Tour
Articles from Michael Peters | Selfgrowth.com
- Will Cryptocurrency Regulation Attempts Do More Harm Than Good? - by Submitted on Jun 23, 2017 from Michael PetersWhite-Hat Hackers Are Already Being Caught in the Cryptocurrency Regulation Net Cryptocurrencies have long been associated with cyber crime. The cryptocurrency Bitcoin was the de facto currency of the notorious online black market Silk Road, it remains the preferred payment method on the Dark ...
Views: 1656 - The Top 5 Cyber Threats to the Healthcare Industry - by Submitted on Jan 18, 2019 from Michael PetersThe financial impact of cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per record and $2.2 million per organization. In 2016, the healthcare industry as a ...
Views: 1569 - Data Breach Lawsuits a Reminder of the High Cost of Reactive Cyber Security - by Submitted on Apr 26, 2017 from Michael PetersHacked Companies Are Facing Data Breach Lawsuits Filed by Financial Institutions Data breaches aren’t cheap to clean up. Just ask Rosen Hotels, whose costs to clean up a 2016 breach could end up exceeding $2.4 million. Shockingly, that’s below the $4 million average cited by IBM. In addition ...
Views: 1533 - Equifax Breach Compromises Half of U.S. Population - by Submitted on Sep 15, 2017 from Michael PetersThe Equifax breach isn’t the largest data breach, but it is one of the most troubling because of its massive scope, the nature of the information stolen, and the absolutely awful way in which it was handled. While Hurricane Irma dominated the national news late last week, a man-made disaster ...
Views: 1492 - What DoD Contractors Need to Know About the CMMC - by Submitted on Jul 18, 2019 from Michael PetersCyberattacks on the U.S. government’s vast network of contractors and subcontractors pose a serious threat to national security, and the DoD is taking action. The agency tasked NIST with developing a set of guidelines addressing advanced persistent threats against contractors who handle ...
Views: 1445 - The Top Cyber Security Threats Facing Enterprises in 2019 - by Submitted on Nov 14, 2018 from Michael PetersThe cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the year, let’s ...
Views: 1439 - 5 Practical Applications of Blockchain to Cyber Security and Compliance - by Submitted on Nov 07, 2018 from Michael PetersWhile digital currencies, particularly bitcoin, are the most common and well-known application of blockchain technology, they are far from being the sole or even the most important use. Blockchain is one of the most important technological advancements of the digital age, and its full potential ...
Views: 1373 - Cyber Criminals Are Hijacking Computers for Cryptocurrency Mining - by Submitted on Jun 14, 2017 from Michael PetersCryptocurrency mining malware may end up being a bigger problem than WannaCry Organizations that think they dodged a bullet when their older systems did not fall prey to the WannaCry ransomware may want to think again. Weeks prior to the WannaCry attacks, a group of hackers was taking ...
Views: 1350 - NIST Proposes Stronger Cyber Standards for Defense Contractors - by Submitted on Jul 10, 2019 from Michael PetersU.S. defense contractors are being heavily targeted by foreign cybercriminals. An internal Navy cyber security audit ordered after a series of successful breaches of Navy contractors revealed an agency in complete cyber chaos “in ways few appreciate, fewer understand, and even fewer know what to ...
Views: 1325 - Best Practices to Prevent Supply Chain Cyber Attacks - by Submitted on Apr 12, 2018 from Michael PetersDue to globalization and outsourcing, enterprise supply chains are more intricate than ever. Most products are no longer manufactured by a single entity. Materials, components, and even final products pass through multiple hands before ending up in the hands of end users. Additionally, most ...
Views: 1318 - How to Protect Your Business Website from Formjacking - by Submitted on May 05, 2019 from Michael PetersAs individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are also becoming ...
Views: 1297 - Ethereum ICO Hacks Rattle Investors - by Submitted on Jul 27, 2017 from Michael PetersInitial Coin Offerings (ICOs) powered by the Ethereum blockchain platform are the hottest thing going right now, but are they secure? On July 24, 2017, the second Ethereum ICO hack in a week hit the news, as digital wallet firm Veritaseum disclosed to Bleeping Computer that a hacker stole ...
Views: 1280 - Smart Medical Devices are the Next Target for Hackers - by Submitted on Apr 10, 2017 from Michael PetersUp until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical ...
Views: 1272 - How Are IT Compliance and Cyber Security Different? - by Submitted on Jul 03, 2019 from Michael PetersIT compliance and cyber security are often used interchangeably, even within the cyber security and compliance fields. This is the basis for the completely incorrect and dangerous notion that achieving compliance automatically equals being secure. While there is some overlap, and the two ...
Views: 1269 - 3 Best Practices for AWS S3 Security - by Submitted on Aug 30, 2017 from Michael PetersSeveral high-profile breaches involving misconfigured Amazon Web Services servers have made the news. Here are three best practices to ensure AWS S3 security. Amazon Web Services (AWS) is the undisputed leader in the cloud services market. Large and small organizations alike flock to AWS ...
Views: 1258 - Hackers Can Use DICOM Bug to Hide Malware in Medical Images - by Submitted on Apr 24, 2019 from Michael PetersA newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera has discovered. Because the malware would not alter the protected health information (PHI) contained ...
Views: 1231 - NIST Proposes Secure Software Development Framework - by Submitted on Jun 29, 2019 from Michael PetersApplying software updates and patches as soon as possible is a cyber security best practice, but what if an update contains malicious code inserted by a hacker? Software supply chain attacks are a serious and growing problem for both private-sector organizations and the federal government. Among ...
Views: 1222 - 10 Cyber Security Travel Tips to Protect Your Devices & Data - by Submitted on Oct 31, 2018 from Michael PetersThe holiday season is fast approaching, but hackers don’t take vacations. Whether you’re planning to go home for the holidays or travel for business on a regular basis, make sure to protect yourself from cyber crime with these cyber security travel tips. Update Your OS & Software Before ...
Views: 1214 - The FedRAMP Assessment Process: Tips for Writing a FedRAMP SSP - by Submitted on May 23, 2019 from Michael PetersA FedRAMP SSP (System Security Plan) is the bedrock of a FedRAMP assessment and the primary document of the security package in which a cloud service provider (CSP) details their system architecture, data flows and authorization boundaries, and all security controls and their ...
Views: 1212 - Compliance Automation Takes the Pain Out of the IT Audit Process - by Submitted on Nov 16, 2017 from Michael PetersAfter last year’s U.S. presidential election, many businesses eagerly awaited a new “era of deregulation” that would allegedly result in relaxed compliance requirements – and lower costs. Although some regulations have been relaxed or even repealed, IT compliance is as time-consuming and ...
Views: 1201 - Arizona Beverages Ransomware Attack Halts Sales for Days - by Submitted on Apr 12, 2019 from Michael PetersWhat appears to have been a targeted ransomware attack knocked over 200 networked computers and servers offline at Arizona Beverages, one of the largest beverage suppliers in the U.S., TechCrunch reports. The attack, which the company was still struggling to recover from two weeks later, halted ...
Views: 1196 - Your Guide to the PCI DSS Merchant Levels - by Submitted on Jun 13, 2019 from Michael PetersIf your organization processes, stores, or transmits cardholder data for the major credit card brands, you are required to be compliant with PCI DSS. While PCI DSS is not required by U.S. federal law — it is an industry standard mandated by the credit card companies — but some states have laws ...
Views: 1189 - Cyber Insurance Market Full of Uncertainty and Skimpy Coverage - by Submitted on Apr 06, 2017 from Michael PetersDespite the escalating intensity and frequency of cyber attacks, fewer than 1/3 of U.S. businesses have purchased cyber insurance policies. A recent report by Deloitte provides insight into why organizations are deciding to go without cyber coverage, as well as why many insurers are hesitant to ...
Views: 1182 - Docker Hub Hack Compromises Sensitive Data from 190,000 Accounts - by Submitted on May 16, 2019 from Michael PetersAccording to an official email sent to users, hackers gained access to Docker Hub, the official repository for Docker container images, “for a brief period.” However, during that “brief period,” approximately 190,000 user accounts were compromised, containing data such as usernames, hashed ...
Views: 1181 - Government Ransomware Is Everyone's Problem - by Submitted on Apr 06, 2017 from Michael PetersThe word “ransomware” has become synonymous with the healthcare industry, but government ransomware attacks are a growing threat. Over the past year, the healthcare industry has been battered by an epidemic of ransomware attacks. The problem has become so ubiquitous that it is making their ...
Views: 1179 - Cyberespionage a Growing Threat, Says Verizon DBIR - by Submitted on May 10, 2017 from Michael PetersThe 2017 Verizon Data Breach Report Reveals that Hackers Aren’t Just After Payment Cards and Identities Anymore Cyberespionage is a growing problem, especially in the manufacturing industry, professional services, education, and the public sector, according to the 2017 Verizon Data Breach ...
Views: 1174 - Lower HIPAA Fines Aren’t a License to Relax Cyber Security - by Submitted on May 16, 2019 from Michael PetersFollowing a record year for HIPAA settlements that saw the U.S. Department of Health and Human Services (HHS) collect $28.7 million in HIPAA fines, HHS has reduced the maximum annual HIPAA fine in three out of the four penalty tiers. However, HHS’ move doesn’t mean that healthcare organizations ...
Views: 1169 - Hybrid Cloud Security Lags Behind Implementation - by Submitted on Mar 01, 2019 from Michael PetersFor many organizations, particularly those in highly regulated industries such as healthcare, hybrid cloud environments offer the best of both worlds. Companies get to enjoy the easy scalability and other benefits of AWS, Microsoft Azure, or Google Cloud while isolating their critical workloads ...
Views: 1164 - Proactive Tips for Preventing Credential Stuffing Attacks - by Submitted on Mar 12, 2019 from Michael PetersNearly everyone knows that reusing passwords across multiple sites and systems is a security risk, but most people continue to do it anyway. As a result, credential stuffing attacks abound, especially among retailers. Dunkin’ Donuts has been victimized twice in the past three months by hackers ...
Views: 1162 - Business Email Compromise Attacks Increase by Nearly 500% - by Submitted on Apr 03, 2019 from Michael PetersLast year, the FBI reported that incidents of business email compromise (BEC), also known as spear phishing, CEO fraud, and invoice fraud, had been reported in all 50 states and 150 countries, with global losses exceeding $12 billion. BEC scams are continuing to explode in popularity among cyber ...
Views: 1161 - GandCrab Ransomware Exploiting an Old Vulnerability to Infect New Victims - by Submitted on Feb 21, 2019 from Michael PetersThird-party vendor hacks, where hackers attack a company by compromising one of their business associates, have been a problem for a while. Now, the hackers behind GandCrab ransomware have gotten into the act, exploiting a year-old SQL injection vulnerability in a common remote IT support ...
Views: 1155 - Understanding the Role of the FedRAMP 3PAO During Assessment - by Submitted on May 30, 2019 from Michael PetersThe Federal Risk and Authorization Management Program (FedRAMP) was designed to support the federal government’s “cloud-first” initiative by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All cloud service ...
Views: 1153 - Navy Cybersecurity Failures Detailed in New Report - by Submitted on Mar 23, 2019 from Michael PetersEveryone already knew that Navy cybersecurity had big problems. Last fall, a Wall Street Journal report on Navy cybersecurity revealed that Chinese nation-state hackers had successfully breached a number of third-party Navy contractors over an 18-month period, stealing highly classified ...
Views: 1152 - Dragonblood Vulnerabilities Discovered in WPA3 WiFi Standard - by Submitted on Apr 24, 2019 from Michael PetersLast year, the Wi-Fi Alliance announced the launch of the WPA3 WiFi security standard, which was developed to eliminate a number of security problems with WPA2. One of the major defense measures in WPA3 is the Simultaneous Authentication of Equals (SAE) handshake, which replaced the Pre-Shared ...
Views: 1147 - Which FedRAMP Security Impact Level Is Right for You? - by Submitted on Jun 22, 2019 from Michael PetersYou would never pay $1,000 upfront and $30/month for a security system to protect a shed containing $100 worth of lawn equipment. However, you wouldn’t hesitate to spend that much or more to protect your home and family. The same concept applies in information security. Different kinds of data ...
Views: 1145 - Understanding the Updated SOC 2 Trust Services Criteria - by Submitted on Jun 13, 2019 from Michael PetersOutsourcing IT services to service organizations has become a normal part of doing business, even for small companies. However, there are risks to using service providers, and these continue to evolve and change. In this dynamic environment, the American Institute of Certified Public Accountants ...
Views: 1144 - 2018 Verizon Data Breach Report: Ransomware Most Common Malware - by Submitted on Apr 19, 2018 from Michael PetersWhile cryptominers are on the rise, ransomware was the most prevalent form of malware in 2017, according to the 2018 Verizon Data Breach Report, released last week. Ransomware made its first appearance in Verizon’s 2013 report, and this is the second year in a row in which ransomware incidents ...
Views: 1141 - Will Cyber Insurance Cover Your Business After a Ransomware Attack? - by Submitted on Apr 06, 2017 from Michael PetersDon’t depend on a cyber insurance policy to cover your losses after a ransomware attack. Hackers have discovered that there’s fast, easy money in holding enterprise systems hostage, especially in industries that process and store highly sensitive data, such as education and healthcare. The ...
Views: 1139 - Kubernetes Security Best Practices to Protect Your Cloud Containers - by Submitted on Apr 03, 2019 from Michael PetersLightweight cloud containers are fast replacing resource-sucking virtual machines, and Kubernetes is fast becoming the de facto standard for container orchestration. Kubernetes adoption doubled in 2018. Unfortunately, as with any popular technology, it was only a matter of time before hackers ...
Views: 1136 - 5 Ransomware Threats to Watch Out for in 2017 - by Submitted on Apr 18, 2017 from Michael PetersBe Prepared for these New and Emerging Ransomware Threats Ransomware threats are everywhere, and the problem is going to get much worse before it gets any better. According to a recent survey, about half of all businesses have experienced a ransomware attack at least once in the last 12 ...
Views: 1135 - New York State Cyber Security Regulations Emphasize Governance, Risk & Compliance - by Submitted on Apr 06, 2017 from Michael PetersNew York State Cyber Security Law Heavy on GRC and Proactive Cyber Security The first phase of the New York state cyber security regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, went into effect at the beginning of March. ...
Views: 1135 - 5 Best Practices for Complying with SEC & FINRA Cyber Security Standards - by Submitted on Jan 19, 2018 from Michael PetersBoth the SEC and FINRA have indicated that they will put heavy emphasis on cyber security enforcement throughout 2018. While FINRA is explicit — among other things, it publishes a cyber security checklist and a detailed report on best practices — the SEC’s guidance is far more general. This ...
Views: 1132 - Cyber Security Lesson Brief from the Under Armour Breach - by Submitted on Apr 04, 2018 from Michael PetersLast week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach so far this year and ranks among the top five to date. It also ...
Views: 1121 - Common Cyber Security Myths That Hackers Want You to Keep Believing - by Submitted on Dec 07, 2018 from Michael PetersLike other criminals, hackers take advantage of people’s misconceptions regarding their risk of being victimized. Here are six common cyber security myths that could be putting your enterprise at risk. Security Myth #1: Compliance Equals Cyber Security Compliance with regulatory and ...
Views: 1118 - NIST Issues Revised Guidance for Bolstering Federal Email Security - by Submitted on Mar 13, 2019 from Michael PetersEmail breaches can be just as destructive to organizations as customer data breaches; just ask Sony Pictures and the Democratic National Committee. A breach of a federal government agency’s email system may not just be embarrassing or scandalous to the agency; it could put national security at ...
Views: 1115 - 10 Tips to Improve Employee Cyber Security Compliance - by Submitted on Mar 23, 2018 from Michael PetersYour organization’s people are your first line of defense against cyber criminals. Unfortunately, they’re also your weakest link. Insiders pose the biggest threat to cyber security in the healthcare industry, and only 13% of public sector employees “take personal responsibility for cyber ...
Views: 1114 - The Cost of One Cyber Attack Can Cripple an SMB - by Submitted on Feb 13, 2019 from Michael PetersCost is arguably the biggest impediment to robust, proactive cyber security at small and medium sized businesses (SMBs). SMBs are aware of the need to secure their systems and data, but when presented with a solution, the costs may give them pause. Some of them think that hackers are interested ...
Views: 1110 - 5 Reasons Why Your Enterprise Should Put IRM Before GRC - by Submitted on Jan 05, 2018 from Michael PetersOver the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes beyond ...
Views: 1101 - Browser Extensions Can Pose Significant Cyber Security Threats - by Submitted on Jan 30, 2019 from Michael PetersFrom blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security — usually for free. However, browser extensions need a wealth of access permissions to operate, ...
Views: 1101 - Cyber Security Issues Could Stall Self-Driving Cars - by Submitted on Apr 14, 2017 from Michael PetersHow quickly self-driving cars roll out is dependent on the industry addressing some very serious cyber security issues with smart cars and IoT devices in general. Self-driving cars are what everyone is talking about, but many people question whether the machine learning and artificial ...
Views: 1098