The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • New SEC Cyber Risk Disclosure Guidance: What Does It Mean for Public Companies?

    February 28, 2018, Nick Son, Vice President, Cyber Risk Services, Coalfire

    On February 21, the U.S. Securities and Exchange Commission (SEC) issued the long overdue cybersecurity interpretive guidance to address the methods and timing of cybersecurity risks and incidents disclosures. To signify the importance of this updated guidance, five SEC commissioners issued the guidance. The new guidance does not change any of the existing SEC rules, but it does address two new topics.

    Read more
  • The Spectre of Chips on Meltdown

    January 05, 2018, Victor Teissler, Security Associate, Coalfire

    The news is rife with emerging details of Intel and other chip vulnerabilities and the hardware bugs that can potentially exploit them. While details are still developing and will likely continue to be uncovered in the days, weeks, and even months ahead, we will explore what is known to date.

    Read more
  • How You Respond Can Make All the Difference

    October 02, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire

    (Part Three of a Three Part Series)

    As the narrative on the Equifax compromise evolves, the general public, politicians, and speculators continue to seek blame for what happened. Was it an unpatched vulnerability? Was Equifax not following proper configuration management? Was management derelict in their duties? At this point, the damage of leaking records including the personally identifiable information (PII) of 143 million people is done. However, it might be a good to look at what could have been done differently to reduce impact to the organization.

    Read more
  • The Value of Governance in Minimizing Cybersecurity Incidents

    September 27, 2017, Michael Addo-Yobo, Managing Principal, Cyber Risk Advisory, Coalfire

    (Part Two of a Three Part Series)

    Since Equifax’s September 15th statement about their well-publicized, broadly discussed major security incident, Coalfire has fielded multiple inquiries from clients who are wondering if such an incident could happen to them, and if there is anything that they can do to better protect and prepare themselves. While every situation is different, one thing is clear: cyber risk management ought to be a top priority for every enterprise, and that priority should be established and enforced through cybersecurity governance.

    Read more
  • Protecting Confidential Data: You May Not Be as Secure as You Think

    September 19, 2017, Bob Post, Senior Practice Director, Cyber Risk Advisory, Coalfire

    (Part One of a Three Part Series)

    Unless you have been out of the country or otherwise shunning the news, you have likely heard that on September 7th and again on September 15th, Equifax reported that it suffered a security incident from May 13th through July 30th, 2017. This breach is broad reaching in its individual exposure and potential future impacts, having potentially exposed the personally identifiable information (PII) of roughly 143 million U.S. consumers, including names, Social Security numbers, birth dates and, in some instances, drivers’ license numbers. The company also reported losses related to consumer credit card data, PII on dispute documents and limited PII for certain U.K. and Canadian residents.

    Read more
  • Displaying results 6-10 (of 51)
     |<  <  1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10  >  >| 

Recent Posts

Post Topics

Archives

Tags