The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Cyber Security Fraud in the Banking Industry: Lessons Learned in OCC Examiner Training

    January 03, 2012, Rick Dakin, CEO, Co-founder and Chief Security Strategist

    In late October 2011, Coalfire participated in a day of IT audit training with about 35 bank examiners.  As you would expect, we covered a lot of previously hot topics. The conversation changed as we started talking about the amount of fraud being realized by community banks and credit unions.

  • Phishing Season: Spam on the rise

    September 01, 2011, Mike Weber, Vice President, Coalfire Labs

    Within the past two weeks there have been several reports on the increase in email spam, which can be directly correlated to an increase in phishing schemes and malware attacks.  These attacks are frequently being delivered under the guise of legitimate business: they come in the form of shipment confirmations, credit card statements, and IRS alerts.  They all request swift action to click a link or to read an attachment to address some pressing issue.

  • New Guidelines Address PCI DSS Tokenization

    August 19, 2011, Bruce DeYoung

    “Tokenization” is one of the best techniques to reduce the risk of credit card data loss. Basically, it is the process of substituting sensitive data with other values not considered sensitive. By doing this, tokenization technology essentially removes anything of value from the data stream, and, after all, what is not there cannot get stolen. This technique can be used with sensitive data of all kinds including financial transactions and medical records.

  • Mobile Application Security – The New Frontier

    April 18, 2011, Bruce DeYoung

    The power and popularity of consumer mobile computing is changing faster than you can say iFart (the #1 downloaded app worldwide). Commercial entities are rapidly adopting mobile-based applications for retail sales floors, restaurants and dining rooms, distributed mobile banking, and more.

  • Compliance and the Cloud

    March 14, 2011, Tom McAndrew, EVP Commercial Services, Coalfire

    “The Cloud” is a hot topic right now. Yet most people can’t even define what “the cloud” really is. As I talk to more companies who are considering the move, they all have two main concerns: security and compliance. Of course, security and compliance are key when it comes to cloud computing, but the question you really need to be asking is not, “Will I be secure and compliant if I move to the cloud?” but rather, “What do I need to do to be secure and compliant when I move to the cloud?”
