COVID-19 Pandemic Stresses the Importance of Business Continuity
Rich Curtiss, Director, Healthcare Risk Assurance Services
One of the more critical aspects of organizational risk management is that of Business Continuity. Many organizations overlook the importance of developing and instituting a Business Continuity Plan (BCP).
Compliance in the Cloud - Effective Strategies to Ensure Success
Adam Kerns, Managing Principal, Commercial Services: Product Development, Coalfire
It's no secret that the principles, controls, and terminology associated with compliance can be a confusing alphabet soup that hinders an organization's ability to go to market and expand its customer base. The difficulties in meeting compliance objectives are not limited to organizations of a particular size or type. Most (if not all) organizations struggle to integrate compliance requirements into their existing workloads and systems.
Keeping Privacy Afloat During a Pandemic
Chalice Beam, Senior Manager, Health & Life Sciences, Coalfire
The world is navigating uncharted digital waters and facing evolving challenges to maintain patient privacy. Protected Health Information (PHI) is a ship sailing in a sea of digital risks and vulnerabilities. Humans wreak havoc at every turn – not always intentionally – and actions during times of uncertainty will have long-term effects.
Aligning Enterprise Cyber Risk and Business Strategy
Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire
Most business leaders have a contextual awareness of cyber risk and the threats facing their organizations. However, this contextual awareness rarely contributes to a clear, consolidated directive that can be applied across the organization. Further, many organizations struggle to align their cyber risk management initiatives and their organization’s business strategies. This creates operational friction between those responsible for managing enterprise cyber risk and the business leaders’ goal of expanding their market presence, maintaining revenue streams, and developing new products and services. What is needed is an approach that aligns enterprise cyber risk and business strategy in a way that communicates how cyber risk can enable the business to expand its markets, protect revenue streams, and securely develop and deploy new products and services.
The Basics of Exploit Development 2: SEH Overflows
Andy Bowden, Consultant, Coalfire Labs
In this article we will be writing an exploit for a 32-bit Windows application vulnerable to Structured Exception Handler (SEH) overflows. While this type of exploit has been around for a long time, it is still applicable to modern systems.