The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • Yahoo / Verizon: A $1B Data Breach Discount?

    November 11, 2016, Bob Post, Senior Practice Director, Cyber Risk Advisory, Coalfire

    In July of this year Verizon announced it was going to buy Yahoo for $4.8B.  A few weeks later, Yahoo starts investigating a potential data breach of around 200 million records that were for sale on the Dark Web.  In mid-September, Yahoo discloses that sometime in 2014, they were attacked and roughly 500 million user accounts were compromised.  A couple of days later, Verizon says this is the first they’ve heard of this and that event may have a “material impact” on the purchase deal.  By October news reports circulate that Verizon may ask for a $1B discount off the purchase price.

    Read more
  • What does the FBI have to say about ransomware

    October 03, 2016, Tom Glaser, Healthcare Solutions Architect, Coalfire

    The FBI provided guidance on ransomware at a recent FBI/US Secret Service/ISAC event.  They defined ransomware as a type of malware that is commonly transmitted through malicious email, which is disguised to look normal.  Once the email link has been clicked on, or an email attachment has been opened, the malware installs on the computer.  After installation is completed, files on the computer become locked using encryption and cannot be opened without the key.  A ransom message is then displayed with information on how to pay the ransom.

    Read more
  • One Way to Boost Proactive Cybersecurity

    June 30, 2016, Chip Coy, Solution Architect

    It’s clear from media articles that new CISOs need to make an immediate impact on their organization’s security program in the first 90 days with action items such as “make a quarterly plan for the next year”.

    Read more
  • What You Need to Know From the Cybersecurity Act of 2015: Part One

    January 19, 2016, Rick Link, Managing Director

    On Dec. 18, 2015, President Obama signed into law an omnibus spending bill that included the Cybersecurity Act of 2015 (“The Act”). The Act was a compromise of cybersecurity information sharing bills that passed the House and Senate earlier in 2015. It creates a voluntary process for sharing cybersecurity information and is intended to encourage public- and private-sector entities to share cyber-threat information. The Act is controversial, as the active sharing of information between and among the Federal Government and private sector entities does not currently occur routinely or effectively.

    Read more
  • 2016 Cybersecurity Predictions

    December 10, 2015, Larry Jones, CEO

    The lessons learned from this past year teach us that no one is immune to cyber threats. The sooner corporate boards and executives come to understand that cybersecurity breaches are a very real and pervasive threat; then the hard work can begin to take preemptive measures and prepare an appropriate response and recovery strategy.

    Read more
  • Displaying results 6-10 (of 23)
     |<  <  1 - 2 - 3 - 4 - 5  >  >| 

Recent Posts

Post Topics

Archives

Tags