We are currently looking for an Official SelfGrowth.com Guide to "Risk Management". If you have expertise in Risk Management and your own website and/or product for this topic, please review this form for complete details. The Official Guide Position is part of our Premium Placement Package
According to an official email sent to users, hackers gained access to Docker Hub, the official repository for Docker container images, “for a brief period.” However, during that “brief period,” approximately 190,000 user accounts were compromised, containing data such as usernames, hashed ... Views: 742
As individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are also becoming ... Views: 861
A newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera has discovered. Because the malware would not alter the protected health information (PHI) contained ... Views: 770
Last year, the Wi-Fi Alliance announced the launch of the WPA3 WiFi security standard, which was developed to eliminate a number of security problems with WPA2. One of the major defense measures in WPA3 is the Simultaneous Authentication of Equals (SAE) handshake, which replaced the Pre-Shared ... Views: 757
What appears to have been a targeted ransomware attack knocked over 200 networked computers and servers offline at Arizona Beverages, one of the largest beverage suppliers in the U.S., TechCrunch reports. The attack, which the company was still struggling to recover from two weeks later, halted ... Views: 765
Last year, the FBI reported that incidents of business email compromise (BEC), also known as spear phishing, CEO fraud, and invoice fraud, had been reported in all 50 states and 150 countries, with global losses exceeding $12 billion. BEC scams are continuing to explode in popularity among cyber ... Views: 733
Lightweight cloud containers are fast replacing resource-sucking virtual machines, and Kubernetes is fast becoming the de facto standard for container orchestration. Kubernetes adoption doubled in 2018. Unfortunately, as with any popular technology, it was only a matter of time before hackers ... Views: 736
There was a time when things were simple. We would work in the job places and were personally paid in hard cash and so was true for business transactions. But with the passage of times, everything has undergone a great deal of sophistication and so has the mode of payments. Besides, worsening ... Views: 781
6 Important Small Business Cyber Security Tips
Chances are, you think twice before entering your credit card information online to buy something, watch out for malicious links in emails and keep your PC updated against viruses, spyware and hackers.
However, how much thought do you put ... Views: 822
Everyone already knew that Navy cybersecurity had big problems. Last fall, a Wall Street Journal report on Navy cybersecurity revealed that Chinese nation-state hackers had successfully breached a number of third-party Navy contractors over an 18-month period, stealing highly classified ... Views: 770
Email breaches can be just as destructive to organizations as customer data breaches; just ask Sony Pictures and the Democratic National Committee. A breach of a federal government agency’s email system may not just be embarrassing or scandalous to the agency; it could put national security at ... Views: 727
Nearly everyone knows that reusing passwords across multiple sites and systems is a security risk, but most people continue to do it anyway. As a result, credential stuffing attacks abound, especially among retailers. Dunkin’ Donuts has been victimized twice in the past three months by hackers ... Views: 758
For many organizations, particularly those in highly regulated industries such as healthcare, hybrid cloud environments offer the best of both worlds. Companies get to enjoy the easy scalability and other benefits of AWS, Microsoft Azure, or Google Cloud while isolating their critical workloads ... Views: 738
In this episode of Trial Lawyer Nation, Michael Cowen sits down with Cowen | Rodriguez | Peacock partner, Malorie Peacock, for another installment of TLN Table Talk to answer the questions of our listeners. Today’s topic focuses on storytelling in trial and identifying the “characters” in your ... Views: 746
Does Your Business Need a Website Maintenance Plan?
What Can Happen if You Neglect Your Newly-Built Site
So, your new site is complete – congratulations! There are a lot of moving parts to a build, from coding to design to content.
However, if you want to attract and retain customers, ... Views: 779
Preventing a scenario in which hazardous materials put at risk people, animals, vegetation and environment, should always be a number one priority. Even if we are talking about chemicals or materials that are just sitting there for ages in some dark corner, without causing any real damage, they ... Views: 699
Third-party vendor hacks, where hackers attack a company by compromising one of their business associates, have been a problem for a while. Now, the hackers behind GandCrab ransomware have gotten into the act, exploiting a year-old SQL injection vulnerability in a common remote IT support ... Views: 730
Cost is arguably the biggest impediment to robust, proactive cyber security at small and medium sized businesses (SMBs). SMBs are aware of the need to secure their systems and data, but when presented with a solution, the costs may give them pause. Some of them think that hackers are interested ... Views: 680
Ransomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the healthcare ... Views: 623
Yes it’s time to hedge your risk, but don’t wait for that perfect moment. Both the economy and stock market are showing signs of stress. Here's what you need to know.
Here are some of the excuses we hear from professional money managers and risk managers for not having a hedging program ... Views: 568
From blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security — usually for free. However, browser extensions need a wealth of access permissions to operate, ... Views: 690
As cyber threats present greater risks to enterprises of all sizes and in all industries, more are requiring that their SaaS providers and other cloud services vendors have an SOC 2 certification. Let’s examine what an SOC 2 certification is and why your cloud services business should get ... Views: 596
The financial impact of cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per record and $2.2 million per organization. In 2016, the healthcare industry as a ... Views: 1051
Owning a home comes with a ton of responsibilities, and topping this list is ensuring that it is well protected. After all, it is among your most significant investments. While there are many ways to safeguard your home such as having a dog or joining a neighborhood watch group, a home security ... Views: 624
Noting that cyber security is “the responsibility of every health care professional, from data entry specialists to physicians to board members,” the U.S. Department of Health and Human Services (HHS) has published Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients ... Views: 658
With an estimated 90% of cyber attacks caused by human error or behavior, it’s important to understand the most common cyber security mistakes your employees are probably making and know how to mitigate them.
Becoming victims of phishing schemes
Stolen login credentials are the most common ... Views: 646
The Federal Risk and Authorization Management Program, or FedRAMP, was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with vendors that provide SaaS solutions and other cloud services. Unlike FISMA, which requires ... Views: 626
The years-long Marriott Starwood database breach was almost certainly the work of nation-state hackers sponsored by China, likely as part of a larger campaign by Chinese hackers to breach health insurers and government security clearance files, The New York Times reports. Why would foreign spies ... Views: 660
The Marriott Starwood breach, which exposed the personal data of 500 million guests, was not the largest data breach in terms of size; Yahoo still holds that dubious honor. However, because of the nature of the data stolen, it has the potential for a very long reach and highlights multiple cyber ... Views: 669
Like other criminals, hackers take advantage of people’s misconceptions regarding their risk of being victimized. Here are six common cyber security myths that could be putting your enterprise at risk.
Security Myth #1: Compliance Equals Cyber Security
Compliance with regulatory and ... Views: 708
A guide to advanced persistent threats (APTs), a highly sophisticated, highly destructive form of cyber attack.
What is an Advanced Persistent Threat (APT)?
“Advanced persistent threat” is a broad term used to describe a cyber attack where hackers covertly gain access to a system and ... Views: 630
As California goes, so does the rest of the country. While the California Consumer Privacy Act (CCPA), which was passed this summer and goes into effect in 2020, falls short of being an “American GDPR,” it clearly tore many pages from the far-reaching European data privacy law. Similar to the ... Views: 641
The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies.
As we approach the winter holidays and the end of the year, let’s ... Views: 966
While digital currencies, particularly bitcoin, are the most common and well-known application of blockchain technology, they are far from being the sole or even the most important use. Blockchain is one of the most important technological advancements of the digital age, and its full potential ... Views: 897
Des Moines-based Voya Financial Advisors (VFA) has agreed to pay the U.S. Securities and Exchange Commission a $1 million penalty in the wake of an April 2016 breach that affected several thousand VFA customers. The SEC cyber enforcement action charged VFA with not having sufficient written ... Views: 621
The holiday season is fast approaching, but hackers don’t take vacations. Whether you’re planning to go home for the holidays or travel for business on a regular basis, make sure to protect yourself from cyber crime with these cyber security travel tips.
Update Your OS & Software
Before ... Views: 755
Shadow IT is a very serious and growing threat to IT compliance and cyber security, and most organizations have no idea how common it really is. This article will examine some of the risks of shadow IT and discuss ways in which organizations can curb it.
What Is Shadow IT?
Shadow IT refers ... Views: 522
If your company is part of the federal supply chain, you likely need to comply with NIST 800–171. NIST 800–171 compliance applies to contractors for the DoD, GSA, NASA, and other federal and state agencies; universities and research institutions that accept federal grants; consulting firms with ... Views: 516
Citing the success of its cybersecurity framework and the advent of IoT devices, artificial intelligence, and other technologies that are making it more challenging than ever for enterprises to protect their customers’ privacy, NIST has launched a collaborative project to develop a voluntary ... Views: 532
PCI DSS compliance is mandatory for any organization that accepts or processes payment cards, yet shockingly, a recent study by SecurityScorecard found that over 90% of U.S. retailers fail to meet four or more PCI DSS requirements.
Compliance with PCI DSS is not something to be taken lightly. ... Views: 590
The difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the similarities ... Views: 525
We are living in a cloud-first world; cloud services, including storage services and SaaS providers, are wildly popular. Unfortunately, third-party vendor breaches are at epidemic levels, and new regulations such as the EU GDPR are seeking to hold organizations accountable if third-party ... Views: 527
Investment Outlook , Published Jan 18, 2018
Contact
The opportunity cost of choosing risk aversion – investing in FDs for instance – has been high over the past two decades. Staying invested is clearly the right choice. Time and again investors have chosen risk aversion, and the opportunity ... Views: 485
There are more connected devices than there are humans on Earth. Organizations have been as quick to embrace the Internet of Things as consumers have, and the healthcare industry is no exception. Medical IoT devices have exploded in popularity and grown in complexity. Smart medical devices allow ... Views: 568
Businesses tend to gloss over social media cyber security, thinking that it’s more of an issue in their employees’ personal lives than a threat to workplace cyber security. However, one in eight enterprises have suffered a security breach that was traced back to a cyber attack on social ... Views: 575
According to the Wi-Fi Alliance, there are now more IoT devices than there are humans on Earth, and over 50% of internet traffic travels through wireless networks. As people’s dependence on connected devices has grown, free public WiFi has become insanely popular, but it’s also insanely ... Views: 548
Once a luxury item, free public WiFi has morphed into a standard service that consumers expect when patronizing everything from restaurants and retail stores to airports and hotels. Free WiFi users aren’t just checking Facebook or posting vacation photos to Instagram, either; all of us have sat ... Views: 575
Last week, the NIST Small Business Cybersecurity Act (S. 770) passed the U.S. Senate and was sent to the White House, where the president is expected to sign it into law shortly. The bipartisan measure directs NIST to provide resources to small businesses to help them implement the NIST ... Views: 511
Organizations can no longer depend on passwords alone to protect their systems and data, especially since 25% of employees admit to using the same password for all of their accounts, at home and at work, and stolen account credentials are hackers’ preferred way to break into enterprise systems. ... Views: 519
Cyber security is a continuous game of Spy vs. Spy. Every time a new technology is introduced, the potential attack surface expands. The moment one vulnerability is patched, hackers find another way in. Keeping up can feel overwhelming, even for security professionals.
In no particular order, ... Views: 553