The Coalfire Blog
Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique IT GRC issues that impact the industries we serve, including Retail, Financial Services, Healthcare, Higher Education, Software, Government and Utilities.
The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.
Heartbleed Aftershocks: Community Health Systems Breach, 4.5 Million Records Lost
August 22, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist
The news this week that hackers from China compromised 4.5 million customer records held by Community Health Systems is just the latest indication that companies are not adequately protecting the information of the consumers they serve.
Posted in: GRC, Healthcare, heartbleed, Risk | 0 Comments
A billion reasons to enhance your penetration testing
August 20, 2014, Mike Weber, Managing Director, Coalfire Labs
There are so many questions regarding those leaked Russian passwords. Is this for real? What sites are on that list? How can you tell if your site’s users are in the “Russian Billion”? Isn’t this just a matter of changing user passwords? Bottom line: As a company with websites that have user accounts, what should you do?
Posted in: cybersecurity, GRC, passwords, penetration, pentesting, Risk, Testing | 0 Comments
Keeping your restaurant & hospitality Cardholder Data Environment safe
August 12, 2014, Marvin Sandoval, Sales Associate
Reports of new credit card data breaches seem to be in the news daily. Recent high-profile breaches within major retailers this year should serve as a wake-up call to the restaurant and hospitality industries. Because the restaurant and hospitality industry has high volumes of credit card transactions and decentralized security practices, criminal organizations have put it squarely in their sights. The track data used in U.S. magnetic-stripe cards is still among the most valuable commodities on the black market, as it allows criminal organizations to clone cards and quickly exploit them for the highest possible financial gain.
Posted in: Payments, PCI | 0 Comments
Is the “Day of Reckoning” getting closer for a large scale cyber-attack?
August 07, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist
The “Phony War” is how commentators described the seven-month period of eerie quiet that prevailed in Western Europe between Germany’s 1939 invasion of Poland and its later move into the Benelux countries, when erstwhile allies Britain and France avoided offensive operations and simply waited for the German Army to regroup and come to them.
Posted in: cybersecurity, Risk | 0 Comments
The Federal Government in Financial Services' Cybersecurity
July 30, 2014, Justin Orcutt, Regional Sales Manager
It’s no secret that the internet has changed the way we do business in nearly every industry. On the other hand, the dangers of limited cyber regulations are quickly becoming a focus for the government due to the frequency and impact of data breaches. It’s becoming apparent that convenience comes at the price of security—the federal government is taking notice.
Posted in: cybersecurity, GRC, Risk | 0 Comments