Image Source: Unsplash Finding a new health-related app that tracks symptoms, increases self-care behaviors, or offers disease-specific education can be exciting for consumers. However, many apps share information with a host of other companies for marketing purposes. Often, these companies have nothing to do with healthcare and are not even a business the individual uses.
Health data and medical records belonging to millions of Americans have been found online, unprotected and available for abuse by anyone with basic computer knowledge. The medical records of more than 5 million patients in the U.S. and millions more across the globe are available to view online using free software programs or a regular web browser.
Information security is an exciting and rapidly growing field for individuals who are interested in protecting users and their data. In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.
The Federal Risk and Authorization Management Program (FedRAMP) is a federal program that ensures that the proper level of information security is in place when U.S. government agencies access cloud products and cloud services. FedRAMP standardizes the approach to security assessment, authorization, and continuous monitoring of cloud service providers (CSPs). FedRAMP grants authorizations to CSPs at three impact levels: low, medium, and high.
It’s less expensive to prevent cyber attacks than it is to repair the damage when they happen. Companies and institutions across industries lose money from cyber attacks all the time. There are the more obvious ways like piracy, data breaches, and litigation. There are also ways that accountants can’t quite put a dollar figure on, such as reputational damage that makes customers and clientele less likely to want to buy a company’s products and services in the future.
When it comes to securing email, most network admins focus on inbound security threats. This is understandable considering the threat viruses, malware, phishing and spear-phishing attacks pose to an organisation. But inbound threats aren’t the only threat organisations need to protect against. Outbound email poses a significant risk as well. Should an email server become compromised it can send out SPAM messages to all your contacts.
Staff members at the Campbell County Memorial Hosptial are scrambling to operate business as usual after the computer systems at the hospital were struck by ransomware last Friday. The hospital claims, " All CCH computer systems have been affected, which impacts the organization’s ability to provide patient care". The attack forced the healthcare provider to cancel some surgeries, and cancel all outpatient lab, respiratory therapy, radiology exams and procedures, and new inpatient admissions.
In part one of this series, I addressed what DoD contractors could be doing to prepare for the CMMC security level rating. In part two of the series, I want to discuss our customers’ concerns about the possible impacts of having their company’s security rating made public. According to the CMMC FAQ, all companies conducting business with the DoD must be certified (not just those who handle CUI), and the level of certification for each company will be made public.
Indicator of compromise or IOC is a forensic term that refers to the evidence on a device that points out to a security breach. In this article, we discussed how IOC can be useful for your cyber security team.
