Each year, Verizon issues a report summarizing the results of Payment Card Industry Data Security Standard (PCI DSS) compliance assessments of Fortune 550 and large multinational firms. According to the 2017 Payment Security Report, 55.4 percent of organizations passed their interim assessment in 2016 compared to only 48.4 percent in 2015. But while those numbers [...]
The Delaware Association for Nonprofit Advancement (DANA) has reported a new email scam targeting nonprofit organizations. The email subject reads: “RE: Action Required: Completed: *Foundation(R)#” and the body of the email includes what appears to be a Dropbox link. The organization reports that several nonprofits, including DANA, have received the email, and that it should [...]
The Better Business Bureau reports that as of June 30 there have already been 2,227 data breaches this year resulting in the theft of more than 6 billion records — exceeding the number for all of 2016. In response to the skyrocketing numbers of breaches, state legislatures around the country are amending breach notification statutes. [...]
More and more organizations are taking out cyber insurance policies as a hedge against the threat of a security breach. Insurance companies have reported an uptick in demand for cyber policies after the WannaCry ransomware attack in May. The European Union’s General Data Protection Regulation, which goes into effect in 2018, will also provide a [...]
In the previous post, we discussed IT policies every organization should have. Although most organizations are aware of modern security threats, such as the WannaCry and Petya ransomware attacks that affected hundreds of millions of devices around the world in recent days, the failure to implement or update IT policies is causing unnecessary risk. At [...]
Many small organizations are already struggling to keep pace with the growing number of government and industry regulations that affect their IT environments. And now a new directive from the European Union (EU) is expected to have a sweeping impact on organizations worldwide when it goes into effect next year. The EU General Data Protection [...]
Cyberattacks are constant, thanks to the use of automation to carry out attacks in high volume. The threats themselves are increasingly sophisticated in terms of technology and the ability to convince corporate users to click links, download documents and hand over credentials. As a result, security breaches should be viewed as inevitable instead of “it [...]
The unfortunate truth is that all Internet content you read, send or receive carries some degree of risk. Firewalls, passwords and encryption are essential, but they can’t eliminate every threat to your network resources. That’s why a comprehensive filtering solution that sifts through all Web, email and messaging content should be a part of every [...]
First introduced in the late 1980s, the firewall is one of the original network security tools — and it remains one of the most important. However, improperly maintained firewalls open the door to security breaches and regulatory failures. Firewalls exist to prevent unauthorized network access. Naturally, they have become more complex and sophisticated in response [...]
The speed and scale of the recent WannaCry ransomware attack was extraordinary, striking hundreds of thousands of computers in more than 200 countries within a span of 48 hours. It is believed to be the largest cyber extortion scheme in history. But it didn’t have to happen. While security analysts continue to unravel WannaCry’s code [...]
