Posts
2016 Ponemon Cost of Data Breach Study – The less obvious conclusions
/in Blog /by Calin GhibuThe 11th edition of the 2016 Ponemon Cost of Data Breach Study presents an in-depth analysis of the cost of data breaches across the world, its specific components and the factors that affect it. At the same time, the study provides insights into the likelihood of data breaches for the next year. This year’s report […]
Eating out – no longer safe if you pay by card
/2 Comments/in Blog /by Calin GhibuRestaurants were not avoided by hackers in 2016, and the reason why is quite obvious: big restaurant chains run their business in many locations, there is virtually zero IT security expertise on these sites, and most importantly, there is a big cash flow and a significant number of transactions going on every day. How restaurants […]
Common ways of stealing data: Access token theft
/in Blog /by Calin GhibuNowadays, 41 records are lost every second in data breaches usually caused by external attackers (according to Breachlevelindex), and the trend is climbing. Companies need to invest more in security training and solutions to reduce the risk of successful cyber attacks. This article explores a way in which hackers steal data once they managed to […]
HIPAA: Can you prove your data has NOT been compromised?
/in Blog /by Calin GhibuProof, rarely a concern Proof that the data was safe at a particular point in time is rarely a concern for most organizations implementing security controls. There are many other areas believed to be more important. Hence, the focus is mostly on protecting information by assessing and mitigating risk associated with its loss. Part of […]
Common ways to steal data: Clear-text password dumps.
/in Blog /by Calin GhibuWhen counting lost records officially reported so far in 2016 in the US, 3.2 out of 4.7 Million were stolen by external attackers (according to Privacy Rights Clearinghouse database). These numbers show that in spite of increased security awareness, bigger budgets, stricter standards and regulations, companies are still easy prey for hackers. This article explores […]
File integrity monitoring – Are you doing it properly?
/in Blog /by Calin GhibuThe integrity of system and configuration files of various services and applications is critical for building and maintaining secure IT environments. Hence, multiple compliance objectives (HIPAA, PCI DSS, SOX, FISMA and more) require implementing file integrity monitoring to ensure that these critical files are changed as part of authorized, documented and controlled processes only. Many […]
Data breach statistics for H1 of July 2016: Insider vs. ransomware
/in Blog /by TEMASOFT FileMonitor TeamThe first two weeks of July were rich in data breaches, especially in the healthcare sector. According to official reports in the US, a number of 17 breaches were reported, the large majority, affecting healthcare organizations, where all data breaches affected more than 500 individuals, hence, falling under the requirements of section 13402(e)(4) of the […]
Automatic ransomware detection available soon in TEMASOFT FileMonitor
/in Blog, News /by TEMASOFT FileMonitor TeamRansomware is already pandemic and there isn’t a cure yet. Why? Mainly because ransomware attacks are relatively easy to devise (can run in a valid application, even as a script) and the traditional anti-virus applications are bypassed completely as they look at different areas that can indicate or be subject of malware attacks. A good […]