Self Improvement Site
On The Internet! Take the Self Improvement Tour
On The Internet! Take the Self Improvement Tour
Risk Management Articles
We are currently looking for an Official SelfGrowth.com Guide to "Risk Management". If you have expertise in Risk Management and your own website and/or product for this topic, please review this form for complete details. The Official Guide Position is part of our Premium Placement Package
- Docker Hub Hack Compromises Sensitive Data from 190,000 Accounts - by Submitted on May 16, 2019 from Michael PetersAccording to an official email sent to users, hackers gained access to Docker Hub, the official repository for Docker container images, “for a brief period.” However, during that “brief period,” approximately 190,000 user accounts were compromised, containing data such as usernames, hashed ...
Views: 742 - How to Protect Your Business Website from Formjacking - by Submitted on May 05, 2019 from Michael PetersAs individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are also becoming ...
Views: 861 - Hackers Can Use DICOM Bug to Hide Malware in Medical Images - by Submitted on Apr 24, 2019 from Michael PetersA newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera has discovered. Because the malware would not alter the protected health information (PHI) contained ...
Views: 770 - Dragonblood Vulnerabilities Discovered in WPA3 WiFi Standard - by Submitted on Apr 24, 2019 from Michael PetersLast year, the Wi-Fi Alliance announced the launch of the WPA3 WiFi security standard, which was developed to eliminate a number of security problems with WPA2. One of the major defense measures in WPA3 is the Simultaneous Authentication of Equals (SAE) handshake, which replaced the Pre-Shared ...
Views: 757 - Arizona Beverages Ransomware Attack Halts Sales for Days - by Submitted on Apr 12, 2019 from Michael PetersWhat appears to have been a targeted ransomware attack knocked over 200 networked computers and servers offline at Arizona Beverages, one of the largest beverage suppliers in the U.S., TechCrunch reports. The attack, which the company was still struggling to recover from two weeks later, halted ...
Views: 765 - Business Email Compromise Attacks Increase by Nearly 500% - by Submitted on Apr 03, 2019 from Michael PetersLast year, the FBI reported that incidents of business email compromise (BEC), also known as spear phishing, CEO fraud, and invoice fraud, had been reported in all 50 states and 150 countries, with global losses exceeding $12 billion. BEC scams are continuing to explode in popularity among cyber ...
Views: 733 - Kubernetes Security Best Practices to Protect Your Cloud Containers - by Submitted on Apr 03, 2019 from Michael PetersLightweight cloud containers are fast replacing resource-sucking virtual machines, and Kubernetes is fast becoming the de facto standard for container orchestration. Kubernetes adoption doubled in 2018. Unfortunately, as with any popular technology, it was only a matter of time before hackers ...
Views: 736 - Trustly to Buy Everything Online Safe and Secure - by Submitted on Apr 01, 2019 from Amit ThakurThere was a time when things were simple. We would work in the job places and were personally paid in hard cash and so was true for business transactions. But with the passage of times, everything has undergone a great deal of sophistication and so has the mode of payments. Besides, worsening ...
Views: 781 - The Serious Job of Protecting Client Information - by Submitted on Mar 28, 2019 from Susan Friesen6 Important Small Business Cyber Security Tips Chances are, you think twice before entering your credit card information online to buy something, watch out for malicious links in emails and keep your PC updated against viruses, spyware and hackers. However, how much thought do you put ...
Views: 822 - Navy Cybersecurity Failures Detailed in New Report - by Submitted on Mar 23, 2019 from Michael PetersEveryone already knew that Navy cybersecurity had big problems. Last fall, a Wall Street Journal report on Navy cybersecurity revealed that Chinese nation-state hackers had successfully breached a number of third-party Navy contractors over an 18-month period, stealing highly classified ...
Views: 770 - NIST Issues Revised Guidance for Bolstering Federal Email Security - by Submitted on Mar 13, 2019 from Michael PetersEmail breaches can be just as destructive to organizations as customer data breaches; just ask Sony Pictures and the Democratic National Committee. A breach of a federal government agency’s email system may not just be embarrassing or scandalous to the agency; it could put national security at ...
Views: 727 - Proactive Tips for Preventing Credential Stuffing Attacks - by Submitted on Mar 12, 2019 from Michael PetersNearly everyone knows that reusing passwords across multiple sites and systems is a security risk, but most people continue to do it anyway. As a result, credential stuffing attacks abound, especially among retailers. Dunkin’ Donuts has been victimized twice in the past three months by hackers ...
Views: 758 - Hybrid Cloud Security Lags Behind Implementation - by Submitted on Mar 01, 2019 from Michael PetersFor many organizations, particularly those in highly regulated industries such as healthcare, hybrid cloud environments offer the best of both worlds. Companies get to enjoy the easy scalability and other benefits of AWS, Microsoft Azure, or Google Cloud while isolating their critical workloads ...
Views: 738 - Malorie Peacock – Storytelling in the Courtroom - by Submitted on Mar 01, 2019 from Michael CowenIn this episode of Trial Lawyer Nation, Michael Cowen sits down with Cowen | Rodriguez | Peacock partner, Malorie Peacock, for another installment of TLN Table Talk to answer the questions of our listeners. Today’s topic focuses on storytelling in trial and identifying the “characters” in your ...
Views: 746 - Does Your Business Need a Website Maintenance Plan? - by Submitted on Feb 28, 2019 from Susan FriesenDoes Your Business Need a Website Maintenance Plan? What Can Happen if You Neglect Your Newly-Built Site So, your new site is complete – congratulations! There are a lot of moving parts to a build, from coding to design to content. However, if you want to attract and retain customers, ...
Views: 779 - Safe Storing Tips For Dangerous Materials - by Submitted on Feb 22, 2019 from Ronald WolfPreventing a scenario in which hazardous materials put at risk people, animals, vegetation and environment, should always be a number one priority. Even if we are talking about chemicals or materials that are just sitting there for ages in some dark corner, without causing any real damage, they ...
Views: 699 - GandCrab Ransomware Exploiting an Old Vulnerability to Infect New Victims - by Submitted on Feb 21, 2019 from Michael PetersThird-party vendor hacks, where hackers attack a company by compromising one of their business associates, have been a problem for a while. Now, the hackers behind GandCrab ransomware have gotten into the act, exploiting a year-old SQL injection vulnerability in a common remote IT support ...
Views: 730 - The Cost of One Cyber Attack Can Cripple an SMB - by Submitted on Feb 13, 2019 from Michael PetersCost is arguably the biggest impediment to robust, proactive cyber security at small and medium sized businesses (SMBs). SMBs are aware of the need to secure their systems and data, but when presented with a solution, the costs may give them pause. Some of them think that hackers are interested ...
Views: 680 - What Is Ransomware-as-a-Service? Understanding RaaS - by Submitted on Feb 07, 2019 from Michael PetersRansomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the healthcare ...
Views: 623 - It's a Mature Bull Market And Time For A Strategic Hedging Plan - by Submitted on Feb 06, 2019 from Dwayne StrocenYes it’s time to hedge your risk, but don’t wait for that perfect moment. Both the economy and stock market are showing signs of stress. Here's what you need to know. Here are some of the excuses we hear from professional money managers and risk managers for not having a hedging program ...
Views: 568 - Browser Extensions Can Pose Significant Cyber Security Threats - by Submitted on Jan 30, 2019 from Michael PetersFrom blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security — usually for free. However, browser extensions need a wealth of access permissions to operate, ...
Views: 690 - What Your Cloud Business Needs to Know About SOC 2 Certification - by Submitted on Jan 25, 2019 from Michael PetersAs cyber threats present greater risks to enterprises of all sizes and in all industries, more are requiring that their SaaS providers and other cloud services vendors have an SOC 2 certification. Let’s examine what an SOC 2 certification is and why your cloud services business should get ...
Views: 596 - The Top 5 Cyber Threats to the Healthcare Industry - by Submitted on Jan 18, 2019 from Michael PetersThe financial impact of cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per record and $2.2 million per organization. In 2016, the healthcare industry as a ...
Views: 1051 - Finding the Right Home Security System for Your Home - by Submitted on Jan 18, 2019 from Mohimenul IslamOwning a home comes with a ton of responsibilities, and topping this list is ensuring that it is well protected. After all, it is among your most significant investments. While there are many ways to safeguard your home such as having a dog or joining a neighborhood watch group, a home security ...
Views: 624 - HHS Publishes New Cyber Security Guidelines for Healthcare Industry - by Submitted on Jan 09, 2019 from Michael PetersNoting that cyber security is “the responsibility of every health care professional, from data entry specialists to physicians to board members,” the U.S. Department of Health and Human Services (HHS) has published Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients ...
Views: 658 - The 6 Most Common Cyber Security Mistakes Your Employees Are Making - by Submitted on Jan 02, 2019 from Michael PetersWith an estimated 90% of cyber attacks caused by human error or behavior, it’s important to understand the most common cyber security mistakes your employees are probably making and know how to mitigate them. Becoming victims of phishing schemes Stolen login credentials are the most common ...
Views: 646 - Why your cloud business needs FedRAMP certification - by Submitted on Dec 27, 2018 from Michael PetersThe Federal Risk and Authorization Management Program, or FedRAMP, was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with vendors that provide SaaS solutions and other cloud services. Unlike FISMA, which requires ...
Views: 626 - Chinese Hackers Pose a Serious Threat to Military Contractors - by Submitted on Dec 21, 2018 from Michael PetersThe years-long Marriott Starwood database breach was almost certainly the work of nation-state hackers sponsored by China, likely as part of a larger campaign by Chinese hackers to breach health insurers and government security clearance files, The New York Times reports. Why would foreign spies ...
Views: 660 - Marriott Starwood Breach Spotlights Multiple Cyber Security Issues - by Submitted on Dec 12, 2018 from Michael PetersThe Marriott Starwood breach, which exposed the personal data of 500 million guests, was not the largest data breach in terms of size; Yahoo still holds that dubious honor. However, because of the nature of the data stolen, it has the potential for a very long reach and highlights multiple cyber ...
Views: 669 - Common Cyber Security Myths That Hackers Want You to Keep Believing - by Submitted on Dec 07, 2018 from Michael PetersLike other criminals, hackers take advantage of people’s misconceptions regarding their risk of being victimized. Here are six common cyber security myths that could be putting your enterprise at risk. Security Myth #1: Compliance Equals Cyber Security Compliance with regulatory and ...
Views: 708 - Understanding & Preventing Advanced Persistent Threats (APTs) - by Submitted on Nov 29, 2018 from Michael PetersA guide to advanced persistent threats (APTs), a highly sophisticated, highly destructive form of cyber attack. What is an Advanced Persistent Threat (APT)? “Advanced persistent threat” is a broad term used to describe a cyber attack where hackers covertly gain access to a system and ...
Views: 630 - Best Practices for Complying with Data Privacy Laws - by Submitted on Nov 23, 2018 from Michael PetersAs California goes, so does the rest of the country. While the California Consumer Privacy Act (CCPA), which was passed this summer and goes into effect in 2020, falls short of being an “American GDPR,” it clearly tore many pages from the far-reaching European data privacy law. Similar to the ...
Views: 641 - The Top Cyber Security Threats Facing Enterprises in 2019 - by Submitted on Nov 14, 2018 from Michael PetersThe cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the year, let’s ...
Views: 966 - 5 Practical Applications of Blockchain to Cyber Security and Compliance - by Submitted on Nov 07, 2018 from Michael PetersWhile digital currencies, particularly bitcoin, are the most common and well-known application of blockchain technology, they are far from being the sole or even the most important use. Blockchain is one of the most important technological advancements of the digital age, and its full potential ...
Views: 897 - SEC Cyber Enforcement Action Cites Lack of Internal Controls - by Submitted on Oct 31, 2018 from Michael PetersDes Moines-based Voya Financial Advisors (VFA) has agreed to pay the U.S. Securities and Exchange Commission a $1 million penalty in the wake of an April 2016 breach that affected several thousand VFA customers. The SEC cyber enforcement action charged VFA with not having sufficient written ...
Views: 621 - 10 Cyber Security Travel Tips to Protect Your Devices & Data - by Submitted on Oct 31, 2018 from Michael PetersThe holiday season is fast approaching, but hackers don’t take vacations. Whether you’re planning to go home for the holidays or travel for business on a regular basis, make sure to protect yourself from cyber crime with these cyber security travel tips. Update Your OS & Software Before ...
Views: 755 - Tips for Combating Shadow IT Usage in the Enterprise - by Submitted on Oct 18, 2018 from Michael PetersShadow IT is a very serious and growing threat to IT compliance and cyber security, and most organizations have no idea how common it really is. This article will examine some of the risks of shadow IT and discuss ways in which organizations can curb it. What Is Shadow IT? Shadow IT refers ...
Views: 522 - NIST 800–171 Compliance: A Guide for Government Contractors - by Submitted on Oct 14, 2018 from Michael PetersIf your company is part of the federal supply chain, you likely need to comply with NIST 800–171. NIST 800–171 compliance applies to contractors for the DoD, GSA, NASA, and other federal and state agencies; universities and research institutions that accept federal grants; consulting firms with ...
Views: 516 - NIST Privacy Framework Under Development to Complement NIST CSF - by Submitted on Oct 05, 2018 from Michael PetersCiting the success of its cybersecurity framework and the advent of IoT devices, artificial intelligence, and other technologies that are making it more challenging than ever for enterprises to protect their customers’ privacy, NIST has launched a collaborative project to develop a voluntary ...
Views: 532 - Best Practices for Achieving PCI DSS Compliance - by Submitted on Sep 27, 2018 from Michael PetersPCI DSS compliance is mandatory for any organization that accepts or processes payment cards, yet shockingly, a recent study by SecurityScorecard found that over 90% of U.S. retailers fail to meet four or more PCI DSS requirements. Compliance with PCI DSS is not something to be taken lightly. ...
Views: 590 - Penetration Tests vs. Vulnerability Scans: Understanding the Differences - by Submitted on Sep 19, 2018 from Michael PetersThe difference between penetration tests and vulnerability scans is a common source of confusion. While both are important tools for cyber risk analysis and are mandated under PCI DSS, HIPAA, and other security standards and frameworks, they are quite different. Let’s examine the similarities ...
Views: 525 - Cloud Security: Understanding SOC 2 Type 2 Attestations - by Submitted on Sep 18, 2018 from Michael PetersWe are living in a cloud-first world; cloud services, including storage services and SaaS providers, are wildly popular. Unfortunately, third-party vendor breaches are at epidemic levels, and new regulations such as the EU GDPR are seeking to hold organizations accountable if third-party ...
Views: 527 - SANCTUM WEALTH MANAGEMENT: THE COST OF RISK AVERSION - by Submitted on Sep 10, 2018 from Sanctum WealthInvestment Outlook , Published Jan 18, 2018 Contact The opportunity cost of choosing risk aversion – investing in FDs for instance – has been high over the past two decades. Staying invested is clearly the right choice. Time and again investors have chosen risk aversion, and the opportunity ...
Views: 485 - NIST Issues Guidance for Medical IoT Device Security - by Submitted on Sep 05, 2018 from Michael PetersThere are more connected devices than there are humans on Earth. Organizations have been as quick to embrace the Internet of Things as consumers have, and the healthcare industry is no exception. Medical IoT devices have exploded in popularity and grown in complexity. Smart medical devices allow ...
Views: 568 - Social Media Cyber Security Risks and Best Practices for Businesses - by Submitted on Aug 29, 2018 from Michael PetersBusinesses tend to gloss over social media cyber security, thinking that it’s more of an issue in their employees’ personal lives than a threat to workplace cyber security. However, one in eight enterprises have suffered a security breach that was traced back to a cyber attack on social ...
Views: 575 - The WPA3 WiFi Security Standard: What Your Enterprise Needs to Know - by Submitted on Aug 21, 2018 from Michael PetersAccording to the Wi-Fi Alliance, there are now more IoT devices than there are humans on Earth, and over 50% of internet traffic travels through wireless networks. As people’s dependence on connected devices has grown, free public WiFi has become insanely popular, but it’s also insanely ...
Views: 548 - Cyber Security Best Practices When Using Public WiFi Networks - by Submitted on Aug 17, 2018 from Michael PetersOnce a luxury item, free public WiFi has morphed into a standard service that consumers expect when patronizing everything from restaurants and retail stores to airports and hotels. Free WiFi users aren’t just checking Facebook or posting vacation photos to Instagram, either; all of us have sat ...
Views: 575 - Understanding the NIST Cybersecurity Framework (NIST CSF) - by Submitted on Aug 08, 2018 from Michael PetersLast week, the NIST Small Business Cybersecurity Act (S. 770) passed the U.S. Senate and was sent to the White House, where the president is expected to sign it into law shortly. The bipartisan measure directs NIST to provide resources to small businesses to help them implement the NIST ...
Views: 511 - What Is Multi-Factor Authentication, and Why Is It So Important? - by Submitted on Aug 02, 2018 from Michael PetersOrganizations can no longer depend on passwords alone to protect their systems and data, especially since 25% of employees admit to using the same password for all of their accounts, at home and at work, and stolen account credentials are hackers’ preferred way to break into enterprise systems. ...
Views: 519 - Top Cyber Threats Organizations Are Facing Right Now - by Submitted on Jul 26, 2018 from Michael PetersCyber security is a continuous game of Spy vs. Spy. Every time a new technology is introduced, the potential attack surface expands. The moment one vulnerability is patched, hackers find another way in. Keeping up can feel overwhelming, even for security professionals. In no particular order, ...
Views: 553