The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique IT GRC issues that impact the industries we serve, including Retail, Financial Services, Healthcare, Higher Education, Software, Government and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Navis HITECH Complete Services Offer Protection for Medical Data

    January 19, 2012, Mark Lucas, VP, Navis Services

    We are proud to introduce Navis HITECH Complete, our first Navis service for the healthcare industry. For years, Navis has been providing IT governance, risk and compliance (IT GRC) solutions to merchants that need to comply with the PCI DSS and banks and credit unions that measure compliance with the GLBA regulations.

    Posted in: Healthcare, HIPAA, HITECH, IT, Navis, Security, Self-Assessment

  • Coalfire in the News

    January 17, 2012, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    It’s been quite a season in the world of IT security as we move into 2012. As experts in our field, we are often asked to comment on current trends and recent stories. Take some time to check out what we have had to say recently:

    Posted in: Breach, Data, News, PCI, Security, Virtualization

  • Cyber Security Fraud in the Banking Industry: Lessons Learned in OCC Examiner Training

    January 03, 2012, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    In late October 2011, Coalfire participated in a day of IT audit training with about 35 bank examiners. As you would expect, we covered a lot of previously hot topics. The conversation changed as we started talking about the amount of fraud being realized by community banks and credit unions.

    Posted in: Cyber, Security

  • Phishing Season: Spam on the rise

    September 01, 2011, Mike Weber, Managing Director, Coalfire Labs

    Within the past two weeks there have been several reports on the increase in email spam, which can be directly correlated to an increase in phishing schemes and malware attacks. These attacks are frequently being delivered under the guise of legitimate business: they come in the form of shipment confirmations, credit card statements, and IRS alerts. They all request swift action to click a link or to read an attachment to address some pressing issue.

    Posted in: Compliance, IT, security, web

  • New Guidelines Address PCI DSS Tokenization

    August 19, 2011, Bruce DeYoung,

    “Tokenization” is one of the best techniques to reduce the risk of credit card data loss. Basically, it is the process of substituting sensitive data with other values not considered sensitive. By doing this, tokenization technology essentially removes anything of value from the data stream, and, after all, what is not there cannot get stolen. This technique can be used with sensitive data of all kinds including financial transactions and medical records.

    Posted in: Compliance, IT, security
