The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Creative Ideas for Replacing Passwords

    March 08, 2013, Mike Weber, Vice President, Coalfire Labs

    Passwords have been the de facto manner of providing security for IT systems.  They’ve got a bad reputation, but it’s not the passwords themselves that deserve the reputation – it’s the individuals using them and the weak standards to which these passwords are managed.  In fact, a password system implemented in a secure manner – long and complex passwords that change periodically – can be (virtually) uncrackable.  However, a typical user isn’t apt to embrace a system that requires 15 characters or more (including numbers, upper and lower case, and special characters) and needs to change every two to four weeks.  

    Read more
  • The FFIEC proposes guidance on social media - can you stay two steps ahead?

    March 06, 2013, Dirk Anderson, Managing Director, Professional Services

    On January 22, 2013, the FFIEC put out a press release called “Financial Regulators Propose Guidance on Social Media”.  We should begin by saying that even without a social media presence, every company should address social media risks in their annual risk assessment. In this day and age where the average person has a smartphone, laptop, and a tablet, everyone is aware of social media. But what exactly is social media?

    Read more
  • White House Executive Order on Cyber Security

    February 14, 2013, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    The tense standoff between an unresponsive Congress and a reluctant critical infrastructure industry has been broken.  On February 13, 2013, the President issued an Executive Order that provides initial guidance for the country to confront escalating cyber threats.  Finally, we have someone with the courage to address the ‘elephant in the room’.  Our critical infrastructure is under attack and our ability to defend against increasingly sophisticated attacks is simply not adequate.

    Read more
  • All Aboard the HIPAA Omnibus - but is the ‘bus’ missing anything?

    February 06, 2013, Andrew Hicks, Managing Principal, Coalfire

    In the wake of the recently-released HIPAA Omnibus Rule with its upcoming deadline, healthcare organizations are trying to figure out how they’re going to achieve compliance. We’ve been busy trying to get through the 563-page rule and determine what it means to our clients.

    Read more
  • Long-awaited HIPAA Omnibus Rule is Unveiled

    January 21, 2013, Andrew Hicks, Managing Principal, Coalfire

    As of January 17, 2013, the HIPAA Omnibus Rule has finally been released by the Department of Health and Human Services (HHS), which will modify the HIPAA privacy, security, and enforcement rules.  The package of regulations, in regard to this long-overdue HIPAA Omnibus Rule, will officially be posted on the Federal Register on January 25, 2013 and will be put into effect on March 26, 2013.  Covered entities and business associates will have until September 23, 2013 to comply with the new regulations.

    Read more
  • Displaying results 251-255 (of 317)
     |<  <  47 - 48 - 49 - 50 - 51 - 52 - 53 - 54 - 55 - 56  >  >| 

Recent Posts

Post Topics

Archives

Tags