The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.

  • What you need to know from the OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

    June 26, 2014, Rick Link, Managing Director

    Last week the HHS Office for Civil Rights (OCR) issued their Annual Report to Congress on Breaches of Unsecured Protected Health Information (PHI) for calendar years 2011 and 2012. This is their second annual report required by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.

    Read more
  • Emerging Threats and Going Beyond Compliance

    June 25, 2014, Kennet Westby, President and COO

    I recently presented to a C-level gathering of retail finance executives about the industry’s changing threat landscape and the emerging threats facing omni-channel sellers. The retail security environment has changed dramatically in the past few years. Not that long ago, retailers mostly worried about protecting payment card information and staying PCI compliant.

    Read more
  • HIMSS Privacy & Security Forum – West 2014 Wrap-Up

    June 23, 2014, Andrew Hicks, Managing Principal, Coalfire

    The first HIMSS Privacy & Security Forum in the western U.S. proved to be a success and was attended by over 300 people including attendees (CEs and BAs), speakers, exhibitors, and partners.  We reconnected with several clients and met new friends at our booth, which was located right in the middle of the action.  We also co-hosted a dinner with our partner, Voltage Security, and enjoyed catching up with old acquaintances and meeting new ones.

    Read more
  • Embracing the Cloud's Potential for Security

    June 17, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    I spoke recently at TIA’s Network of the Future conference. At the session, which was heavier on vendors than operators, the discussion was very focused on the cloud. Everyone wants to know what’s coming next and if they’re ready for it.

    Read more
  • How do cyber insurer's assess cyber risk?

    June 16, 2014, Andrew Barratt, Managing Director, Europe

    Last week I presented on risk transfer as a viable risk management option to compliance and security professionals at the Financial Crime Compliance Professionals Conference in London. As mentioned in one of Rick’s earlier blog entries analyzing the Target kill chain, the communication between business professionals in finance and IT is still out of alignment and this was evident again from comments made by the community.

    Read more
  • Please make sure you have offline backups

    June 11, 2014, Adam Sarote, Director, Coalfire

    This ransomware has hit not only personal computers, but also organizations, including a town in New Hampshire. This particular attack was carried out when an employee opened a seemingly legitimate email attachment, once again reminding us of the ever-present danger of social engineering. Read more
  • The Lesson of eBay

    June 02, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    After every major cyber breach, security professionals are asked about the lessons we can learn from them. While the technical details of the eBay attack aren’t yet public, we can already learn lessons about from company’s public statements and its communications to its customers.

    Read more

Recent Posts

Post Topics

Archives

RSS Feed

The Coalfire BlogSubscribe to Feed
Chrome users will need to install RSS Subscription Extension (by Google)

Tags