The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique IT GRC issues that impact the industries we serve, including Retail, Financial Services, Healthcare, Higher Education, Software, Government and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Secret Services Issues Warning to Hospitality Industry, Now What?

    July 25, 2014, Dan Fritsche, Practice Director, Coalfire Labs

    The U.S. Secret Service has issued an advisory to the hospitality industry to be on alert for keyloggers on the computers in the business center. Whether your hotel received this advice or not, this is something that will undoubtedly affect your business in the near future. We’ve put together this brief guide on reacting to the advisory.

    Posted in: breach, cybersecurity, Forensics, keylogging, Labs, Risk, security | 0 Comments

  • Cybersecurity and the Financial Services Industry

    July 03, 2014, Justin Orcutt, Regional Sales Manager

    2014 is the year that the US Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) is turning its focus to cybersecurity, a looming threat to any and all companies that utilize the internet. In case you missed my last post, back in March the OCIE hosted a Cybersecurity Roundtable to discuss the importance of protecting consumer data and the security of market systems following a steep increase in breaches by its members.

    Posted in: cybersecurity, GRC, Risk | 0 Comments

  • What you need to know from the OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

    June 26, 2014, Rick Link,

    Last week the HHS Office for Civil Rights (OCR) issued their Annual Report to Congress on Breaches of Unsecured Protected Health Information (PHI) for calendar years 2011 and 2012. This is their second annual report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.

    Posted in: Healthcare, HIPAA | 0 Comments

  • Emerging Threats and Going Beyond Compliance

    June 25, 2014, Kennet Westby, President and COO

    I recently presented to a C-level gathering of retail finance executives about the industry’s changing threat landscape and the emerging threats facing omni-channel sellers. The retail security environment has changed dramatically in the past few years. Not that long ago, retailers mostly worried about protecting payment card information and staying PCI compliant.

    Posted in: GRC, PCI | 0 Comments

  • HIMSS Privacy & Security Forum – West 2014 Wrap-Up

    June 23, 2014, Andrew Hicks, Director, Healthcare Practice Lead

    The first HIMSS Privacy & Security Forum in the western U.S. proved to be a success and was attended by over 300 people including attendees (CEs and BAs), speakers, exhibitors, and partners. We reconnected with several clients and met new friends at our booth, which was located right in the middle of the action. We also co-hosted a dinner with our partner, Voltage Security, and enjoyed catching up with old acquaintances and meeting new ones.

    Posted in: Healthcare, HIMSS, HIPAA | 0 Comments
