IT Security and Compliance Articles

Category: Ransomware

Our threat landscape continues to expand and cyber criminals have discovered that the encryption of data followed by a ransom fee can be a highly lucrative business. While many companies recognize the serious threat posed by ransomware, many still continue to go conduct business without a multi-layered security solution in place to ward off malicious attacks.

Category: NIST 800-53

Hackers have managed to breach the U.S. Government’s computer systems and have leaked thousands of personal details belonging to the U.S. Department of Homeland Security and the Federal Bureau of Investigation employees.

Category: Breach Detection

The damage done by a breach is exponential and has the ability to impact millions of individuals lives. Companies can no longer choose to be ignorant to the fact that they could very well be the next victim of a data breach. Security is continuously evolving and staying up to date with the latest threats that could impact your organization could put you one step ahead of the bad guys. As we enter the New Year, it’s important to reflect on what cyber threats posed serious damage to both consumers and companies alike in 2015. This article with delve into the Top 5 Worst Data Breaches of 2015

Category: CIS Benchmark

Target has agreed to pay $39.4 million to resolve claims by banks and credit unions that are said to have lost money because of the retailer’s notorious 2013 data breach.

Category: HIPAA HITECH

According to the latest Digital Health report by Accenture, healthcare providers are at risk of losing $305 billion in collective lifetime patient revenue over the next five years.

Category: Change & Configuration Management

According to a recent report by the Office of the Inspector General, the Department of Homeland Security still has a lot of work to do when it comes to the agency’s cyber security posture.

Category: NERC CIP

A NERC CIP compliance audit isn’t all speedboats and supermodels, even when tackling CIP 007 (which is actually focused on maintaining a hardened build standard and may leave you wanting to fire your own ejector seat).

Category: FedRAMP

NNT Change Tracker Version 6.5 has now been certified for the CIS Benchmark for SUSE Linux Enterprise Server 11. This means any organization using SUSE LES 11 can use Change Tracker to easily assess how vulnerable to attack their systems are and, using the built-in remediation advice within the reports provided, implement a comprehensive hardened build standard.

Category: File Integrity Monitoring

We were recently asked to contribute to an article being written about "Fraud health checks, and training: what should businesses be doing?" The scope included all fraud, so not just IT fraud, but data theft by employees, material theft, and financial fraud. Our stance is that all fraud is preventable, but in the same way that any football game is winnable – stuff happens, mistakes are made, freak goals are scored. Accepting this means that, while the goal for combatting fraud is 100%, the reality will be that you can't win 'em all.

Category: PCI DSS Compliance

Tesco, Target, eBay, Office – all major retailers with a significant online presence and always seeking to understand what their customers want to buy, how they want to buy it, and what would make them buy more. The delivered retail experience and an intimate understanding of consumer psychology are where the retail battles are fought in 2014.