The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • The Value of Governance in Minimizing Cybersecurity Incidents

    September 27, 2017, Michael Addo-Yobo, Managing Principal, Cyber Risk Advisory, Coalfire

    (Part Two of a Three Part Series)

    Since Equifax’s September 15th statement about their well-publicized, broadly discussed major security incident, Coalfire has fielded multiple inquiries from clients who are wondering if such an incident could happen to them, and if there is anything that they can do to better protect and prepare themselves. While every situation is different, one thing is clear: cyber risk management ought to be a top priority for every enterprise, and that priority should be established and enforced through cybersecurity governance.

    Read more
  • Protecting Confidential Data: You May Not Be as Secure as You Think

    September 19, 2017, Bob Post, Senior Practice Director, Cyber Risk Advisory, Coalfire

    (Part One of a Three Part Series)

    Unless you have been out of the country or otherwise shunning the news, you have likely heard that on September 7th and again on September 15th, Equifax reported that it suffered a security incident from May 13th through July 30th, 2017. This breach is broad reaching in its individual exposure and potential future impacts, having potentially exposed the personally identifiable information (PII) of roughly 143 million U.S. consumers, including names, Social Security numbers, birth dates and, in some instances, drivers’ license numbers. The company also reported losses related to consumer credit card data, PII on dispute documents and limited PII for certain U.K. and Canadian residents.

    Read more
  • How to Address Major Gaps in Third-Party Risk Management Programs

    September 05, 2017, Mike Stankiewicz, CISSP, CRISC, Senior Consultant, Healthcare, Coalfire

    While securing the organizational environment, it’s easy to focus on the enterprise assets without thinking as much about the vendor ecosystem. However, that extended ecosystem and how it interacts with the organization is a potential significant risk if not secured properly.

    Read more
  • Ransomware Response: To Pay or Not to pay

    April 17, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire

    Recently, I was speaking with a CISO friend of mine and he mentioned that his company suffered a breach.  I asked if it was a ransomware attack, and sadly, that was the case.  Malware had infected nearly every connected computer.  Clearly there was a breakdown in protective controls,  but I’ll get to that in another post.  Digging deeper, I inquired if the amount was under $2,000.  Another “yes”. Reported to the FBI….” yes” again!

    Read more
  • What you need to know: Navigating EU Data Protection changes – EU-US Privacy Shield and EU General Data Protection Regulation

    July 08, 2016, Marshall England, Sr. Marketing Director, Technology & Cloud

    If you’re an organization with trans-Atlantic presence that transmits and stores European citizen data (e.g. employee payroll & HR data, client & prospect data) in the U.S. you will want to pay attention. What we will discuss was administered under the European Union’s Data Protection Directive and a previous EU-U.S. agreement called Safe Harbor.  We will cover what happened, what’s next, new rules (and penalties) that are set to go into effect and our recommendations.

    Read more
  • Displaying results 6-10 (of 48)
     |<  <  1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10  >  >| 

Recent Posts

Post Topics

Archives

Tags