Latest Posts

How Will the CMMC Impact My Business and How Can We Prepare? Part 3 of 3

The CMMC enforcement model will require a significant adjustment to the way contractors conduct government business – from procurement to execution. In Part 2 of this series, I discussed the possible impacts of having your company’s security rating made public. In Part 3, I would like to discuss the impact of having one unified standard for cybersecurity on a company’s compliance practices.

Revisiting and Revising Some Tips for National Cyber Security Awareness Month

As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month. Way back in 2015, when the world was an entirely different place, I contributed an article that offered some tips for protecting yourself. Since that article, other scams have taken a front seat towards compromising our security. They are not new, but they seem to be the new “flavor of the day.”

Senate Passes New Ransomware Law

The U.S. Senate passed a new law requiring the federal government to provide more support for organizations hit by ransomware. The DHS Cyber Hunt and Incident Response Teams Act will require the Department of Homeland Security to put together dedicated teams whose goal is to provide advice to organizations on how to protect their systems. This group will also be responsible for providing technical support and incident response assistance.

11 Respected Providers of IT Security Training

We at The State of Security are committed to helping aspiring information security professionals reach their full potential. Towards that end, we compiled a list of the top 10 highest paying jobs in the industry. We even highlighted the U.S. cities that tend to reward security personnel with the best salaries, amenities and other benefits. Knowing which job title you’d like and where you’d like to live goes a long way towards advancing one’s infosec career.

Cyber Threats to Medical Imaging Systems and How to Address Them

Healthcare continues to see staggering growth in breaches to patient health information. In the first half of 2019 alone, 32 million health records were breached, compared to 15 million records in the entire year of 2018. However, this trend of growing cyber breaches in healthcare is likely to persist due to the following characteristics of the healthcare industry...

Why security monitoring falls short and what can be done about it

There are parts of every business considered to be critical to its ability to function. Email, accounting, and customer service are a few. Indeed, if email went down, accounts receivable stopped, or customers couldn’t talk to anyone, the business would suffer. There is another critical function of business that isn’t widely viewed as such: security monitoring.

DoorDash Confirms Data Breach Impacting 4.9 Million Users

Food delivery service DoorDash announced in a blog post on Thursday that the company has suffered a data breach affecting millions of customers, workers, and merchants. The firm claims that an unauthorized party managed to access data belonging to 4.9 million DoorDash customers through a third-party service provider. An investigation into the security incident has determined that the unauthorized party accessed DoorDash user data on May 4, 2019.

What is Phishing?

Phishing is a cyber attack that gathers sensitive information like login credentials, credit card numbers, bank account numbers or other financial information by masquerading as a legitimate site. Personal information like social security numbers, phone numbers and social media account information are also common targets for cybercriminals who perform identity theft. Phishing scams trick victims by using social engineering to create a sense of urgency.