5 Open Source Security Tools You Should Use

Security on your desktop computing devices can be a hairy & unruly beast. It can often require a significant investment on your part to improve your security stance — but it doesn’t have to be that way. Herein we will explore some of the great… Continue reading

WannaCry Ransomware – 5 Lessons Learned

Unfortunately malicious software is an everyday occurrence. As of Friday May 12th a massive ransomware attack dubbed WannaCry infected over 230,000 Windows computers in over 150 countries. It’s spread was fast and furious. WannaCry ransomware held the victims computer/data for ransom by encrypting it. Among… Continue reading

What are Advanced Persistent Threats

APT or Advanced Persistent Threat is a continuous, stealthy and sophisticated process of hacking a particular target until a defined object is achieved. Herein we’ll explore in more detail of what an APT is as well as define the targets, methods and motivation of them.… Continue reading

Addressing the Insider Threat

Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even the best of breed technology deployed in a layer approach (defense in depth) will have flaws. The most well meaning and resourced… Continue reading

Protecting Against Malicious USB

If you found a random USB device what would you do with it? Would you be curious and plug it into your computer to find what juicy secrets it holds? Or would you leave it where you found it? Most often, unsuspecting, ill-informed users take… Continue reading

Average Cost of Data Breach Increases to $4M in 2016

Data breaches are no joke, they bring real risks & serious quantifiable costs. A data breach is a security incident in which sensitive or confidential information is copied, transmitted or stolen by an unauthorized party. This data can be anything from credit card records, PHI… Continue reading

The HIPAA Audits are Coming

The HHS Office for Civil Rights (OCR) is gearing up for random audits of healthcare providers and partners. OCR is starting its 2nd phase of its ongoing audit program of CEs (Covered Entities), BA (Business Associates) in 2016. You may recall that HHS’ Office for… Continue reading

Defending Your Company From Ransomware

A recent high profile ransomware attacks at Ho11ywood Presbyterian has lessons for organization in healthcare and elsewhere. This organization is but one of the hundreds of thousands that have fallen victim to this type of malware. Ransomware is a particularly pernicious type of malware that… Continue reading

Protect Your Company from Phishing

Phishing attacks are a constant threat to organizations small and large. This post will explore some basic tips (technology and process) to keep you and your business safe in the face of this seemingly endless threat. According to the APWG (Anti-Phishing Working Group), The number… Continue reading

Why Network Monitoring

Would you ever drive blindfolded? Most assuredly not. Unfortunately, many IT organizations are effectively doing this on a daily basis by not implementing network monitoring. Alas most networks are careening towards disaster without even knowing it. IT Networks gain much from monitoring their networks that… Continue reading