Secret Services Issues Warning to Hospitality Industry, Now What?
July 25, 2014, Dan Fritsche, Practice Director, Coalfire Labs
The U.S. Secret Service has issued an advisory to the hospitality industry to be on alert for keyloggers on the computers in the business center. Whether your hotel received this advice or not, this is something that will undoubtedly affect your business in the near future. We’ve put together this brief guide on reacting to the advisory.
Cybersecurity and the Financial Services Industry
July 03, 2014, Justin Orcutt, Regional Sales Manager
2014 is the year that the US Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) is turning its focus to cybersecurity, a looming threat to any and all companies that utilize the internet. In case you missed my last post, back in March the OCIE hosted a Cybersecurity Roundtable to discuss the importance of protecting consumer data and the security of market systems following a steep increase in breaches by its members.
How do cyber insurer's assess cyber risk?
June 16, 2014, Andrew Barratt, Managing Director, Europe
Last week I presented on risk transfer as a viable risk management option to compliance and security professionals at the Financial Crime Compliance Professionals Conference in London. As mentioned in one of Rick’s earlier blog entries analyzing the Target kill chain, the communication between business professionals in finance and IT is still out of alignment and this was evident again from comments made by the community.
Please make sure you have offline backups
June 11, 2014, Adam Sarote, Director, Coalfire
This ransomware has hit not only personal computers, but also organizations, including a town in New Hampshire. This particular attack was carried out when an employee opened a seemingly legitimate email attachment, once again reminding us of the ever-present danger of social engineering. Read more
The Lesson of eBay
June 02, 2014, Rick Dakin, CEO, Co-founder and Chief Security Strategist
After every major cyber breach, security professionals are asked about the lessons we can learn from them. While the technical details of the eBay attack aren’t yet public, we can already learn lessons about from company’s public statements and its communications to its customers.