The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • What's Next in Retail IT? The Convergence of Mobile, P2PE and the Cloud

    January 15, 2013, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    Greetings from the Javits Center in New York City, the site of the National Retail Federation’s Big Show.  This year, the theme of NRF is “Next”.

    When it comes to Retail technology – and in particular, security and compliance, the most talked about “next” things are:

    Read more
  • Small Breach, Big Settlement

    January 08, 2013, Andrew Hicks, Managing Principal, Coalfire

    Earlier this week the Department of Health and Human Services (HHS) announced the first ever breach settlement where fewer than 500 patient records were compromised.  The $50,000 settlement was issued as a result of 441 patient records being stored on an unencrypted laptop that was stolen from the Hospice of North Idaho (HONI).

    Read more
  • P2PE Hybrid, the next best thing since the Prius

    January 07, 2013, Dan Fritsche, Practice Director, Coalfire Labs

    P2PE promises many things, the most coveted being scope reduction for the merchant and a shifting of the compliance burden from the merchant to the service provider. A properly implemented P2PE solution can indeed reduce the risk of compromise for a merchant as well as reduce the scope of what must be done to continue to maintain compliance to the PCI DSS.

    Read more
  • What “Dexter Malware” tells us about the future of POS security (It might just be P2PE)

    December 20, 2012, Dan Fritsche, Practice Director, Coalfire Labs

    The recently announced Dexter malware is targeting POS systems and once in, it collects sensitive credit card data and surreptitiously sends it off to attackers. While the details of this particular attack are not yet available, this is not the first time this general approach has been exploited.

    Read more
  • FedRAMP Question and Answer session from PMO webinar

    November 13, 2012, Tom McAndrew, EVP Commercial Services, Coalfire

    On October 25, the FedRAMP PMO conducted its first webinar, in what will be a series of webinars, on the FedRAMP process. This first webinar covered the four methods that CSPs can get listed in the FedRAMP repository.

    This webinar is well worth the time to listen to it. The PMO had a lengthy Q&A session, which we have transcribed for your convenience below. The FedRAMP PMO also provides a transcription, but leverages a speech-to-text service which garbled some of the phrases and meanings. Our human reviewed Q&A of that section of the webinar is below.

    Read more
  • Displaying results 246-250 (of 304)
     |<  <  46 - 47 - 48 - 49 - 50 - 51 - 52 - 53 - 54 - 55  >  >| 

Recent Posts

Post Topics

Archives

RSS Feed

The Coalfire BlogSubscribe to Feed
Chrome users will need to install RSS Subscription Extension (by Google)

Tags