The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • NIST SP 800-171: What U.S. Government Contractors Need to Know

    February 27, 2018, Mali Yared, Director, Cyber Risk Advisory, Coalfire

    In December 2016, NIST released Special Publication 800-171, Revision 1: Protecting Controlled Unclassified Information in Nonfederal Systems. Since that publication, I have worked with dozens of government contractors to help them understand this publication and determine if and how it applies to their businesses. This is the first of a three-part series that explains the standard and provides guidance to firms that must comply with it.

    Read more
  • The HITRUST CSF Version 9.1 Release – How It Could Apply to Your Organization

    February 21, 2018, Michael T. Williams, Senior Consultant, Coalfire

    If you’re familiar with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), then you’re likely aware that HITRUST revises the CSF requirements twice annually to account for new regulations, technologies, and business models affecting the security of Protected Health Information (PHI). This enables the HITRUST CSF to evolve in step with the changing cyber risk landscape. HITRUST CSF version 9 is currently in effect, but HITRUST will release version 9.1 later this month.

    Read more
  • Cyber Engineering for 2018 and Beyond

    February 15, 2018, Dylan McAllister, Associate, Cyber Engineering, Coalfire

    2017 could be considered one of the most exciting (or horrifying) years in the technology industry. End-of-year statistics showed that the number of reported breaches in the business sector saw a 21% increase over the previous year, and headlines from all major news outlets were riddled with reports of hacks, data leaks, and high-profile vulnerabilities.

    Read more
  • Introducing Red Baron - Automate the Creation of Resilient, Disposable, Secure, and Agile Infrastructure for Red Teams

    February 06, 2018, Marcello Salvati, Senior Security Researcher, Coalfire Labs

    The need to automate the creation of disposable red-team infrastructure is key to providing effective adversary simulations. As Coalfire Labs continued to grow, our team needed a system to quickly configure and spin up C2 and/or phishing infrastructure, run multiple campaigns at the same time, and recreate infrastructure if some parts got detected and/or blacklisted.

    Read more
  • The Archimedes Medical Device Security 101 Conference - A Secure Forum for Security Issues

    January 26, 2018, Andrew Hicks, Managing Principal, Coalfire

    The University of Michigan’s Archimedes Center for Medical Device Security hosted its second annual MDS 101 conference in Orlando this month. The conference provides a secure forum for attendees to speak freely about cybersecurity issues with respected professionals who can help establish best practices for improving medical device security.

    Read more
  • Displaying results 41-45 (of 304)
     |<  <  5 - 6 - 7 - 8 - 9 - 10 - 11 - 12 - 13 - 14  >  >| 

Recent Posts

Post Topics

Archives

RSS Feed

The Coalfire BlogSubscribe to Feed
Chrome users will need to install RSS Subscription Extension (by Google)

Tags