According to Pew, “44 percent of Americans read or watch news on Facebook,” so you might be interested to see the August 24, 2016 New York Times article entitled “Inside Facebook’s (Totally Insane, Unintentionally Gigantic, Hyperpartisan) Political-Media Machine,” which highlights Facebook’s political activities. The article included these comments

Continue Reading Duh! Do you think Facebook is influencing politics?

A recent report indicated that IRPs “are frequently developed from within departmental silos, for example, within the organization’s IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response. This not only leads to an uncoordinated

Continue Reading Cyber Pain Points: Failure to get buy-in for Incident Response Plan (IRP) in the top 10!


No surprises in a recent report that “cybercriminals utilize all forms of intelligence to exploit the weakest link as an attack vector…” and as a result “almost every business is a target for malicious cyber attacks and the need for cyber security is an important part of protecting an organization’s reputation

Continue Reading How does FUD (Fear, Uncertainty, and Doubt) help businesses learn about cyber threat intelligence?


With 4 million patient records exposed, this was the largest fine to date for breach of ePHI (electronic Protected Health Information) which included “demographic information, clinical information, health insurance information, patient names, addresses, credit card numbers and their expiration dates, and dates of birth.”  On August 4, 2016 the U.S.

Continue Reading HIPAA penalty of $5.5 million seems like a lot, but it’s only $1.375 per patient!


Even though “…Yandex retains more than 50 percent of the market for internet search, according to industry statistics”, Russia fined Google because “Google’s rivals had not been able to include their own offerings, like digital maps or search.”  Little surprise that the New York Times reported that Google’s denied of

Continue Reading Russia fines Google $6.8 million for Android antitrust violation!


The New York Times reported “at least 858 cancellations and 7,359 delays across the global industry on Monday morning” in less than 5 hours based on a power outage at 2:30am EDT. But Delta’s story does not pass the smell test following Southwest Airlines’ recent claim of a single point

Continue Reading Delta Airlines – Cyberattack or power failure – seems a lot like Southwest’s alleged router failure?


When reading Wikipedia’s 1992 Ten Commandments of Computer Ethics you can easily substitute “Internet” for “computer” and it’s amazing what you see; for example, the 1st Commandment: “You shall not use the Internet to harm other people.” Here are all Ten Commandments of Internet Ethics (with my minor edits):

Continue Reading The 10 Commandments of Internet Ethics


Ponemon reported that “over the past two years the average cost of a data breach for healthcare organizations is estimated to be more than $2.2 million. No healthcare organization, regardless of size, is immune from data breach.”  The “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

Continue Reading Cybercriminal data breaches in Healthcare may exceed a whopping $6.2 billion!


The HIPAA violation in violation of a Business Associate Agreement (BAA)  resulted from extensive PHI on an iPhone which “included social security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information” according to a recent report from the Office for Civil

Continue Reading Unencrypted PHI (Protected Health Information) on iPhone leads to $650,000 HIPAA penalty!


“The FBI has reported an increase in ransomware attacks and media have reported a number of ransomware attacks on hospitals” and as a result the Office for Civil Rights (OCR) for the US Department of Health & Human Services (HHS) issued a Fact Sheet and report on July 11, 2016

Continue Reading HIPAA News Update: Ransomware reporting requirements have been issued!