The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Waiting, Waiting, Waiting... Is There a Right Time for Breach Notification?

    September 28, 2018, Andrew Brosman, Consultant, Cyber Risk Advisory

    Recently, a popular online retailer revealed a month-long data breach. Card-skimming code was found capturing customer credit card data from the payment page of its website and sending that data to what appeared to be a legitimate server (with a similar domain name and a valid HTTPS certificate). The company has not yet determined which customer accounts may have been affected, so the extent of the damage is yet to be determined.

    Read more
  • Cybersecurity Incident Response: Three Lessons from Uber’s Story

    December 15, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire

    The recent news regarding the Uber breach has captured the attention of both the public and legislators. It seems that Uber’s security team discovered a breach, paid a ransom, and didn’t report the matter to company leaders, law enforcement, personnel, or customers.

    Read more
  • Reporting LIVE from the HIMSS 2015 Cybersecurity Command Center

    April 30, 2015, Andrew Hicks, Managing Principal, Coalfire

    Well, it’s not exactly live anymore but it certainly was worth tweeting live from the brand new Cybersecurity Command Center (CCC) at HIMSS 2015 in Chicago a couple weeks ago given all the excitement.  The CCC was the place to be at HIMSS this year with standing room only at the educational sessions.  HIMSS staff members were busy adding rows of seating to the session area to fit all the attendees who were clamoring for valuable information delivered by numerous speakers from the FBI to the Secret Service to cyber risk subject matter experts.

    Read more
  • Anthem Data Breach - A Message from Coalfire's Healthcare Practice Director

    February 05, 2015, Andrew Hicks, Managing Principal, Coalfire

    Several weeks ago I had the opportunity to speak on a panel at a healthcare conference. In attendance were CIOs, CISOs, VPs of IT, and members of legal counsel. The individuals attending the session represented organizations ranging from small- to medium-sized business associates all the way up to large, multi-networked hospitals defined as covered entities under the Health Insurance Portability and Accountability Act (HIPAA).

    Read more
  • Secret Services Issues Warning to Hospitality Industry, Now What?

    July 25, 2014, Dan Fritsche, Principal, Retail and Financial Services

    The U.S. Secret Service has issued an advisory to the hospitality industry to be on alert for keyloggers on the computers in the business center. Whether your hotel received this advice or not, this is something that will undoubtedly affect your business in the near future. We’ve put together this brief guide on reacting to the advisory. 

    Read more
  • Displaying results 1-5 (of 8)
     |<  < 1 - 2  >  >| 

Recent Posts

Post Topics

Archives

Tags