Burning Down the House

After a week of dealing with attacks on Microsoft Exchange servers,  I got in my car,  turned on the radio, and heard that classic song by the Talking Heads. David Byrne says he wasn’t really singing about a house on fire but instead, about breaking free from whatever was holding you back. And I thought……

Don’t Just Phish

Recently, a fellow CISO asked a group of us if we “punished employees who consistently failed to recognize phishing emails.” This created a great discussion with most folks agreeing that punishment rarely works and often has negative effects (including potential for legal action). After all, hackers take advantage of people’s willingness to be helpful or…

SMiShing

No, this isn’t a typo. SMiShing is the SMS version of phishing scams but instead of a bad email, you get a bad text message on your smartphone.  While smishing has been around for years, its use has increased significantly since March, all thanks to the Coronavirus.  According to the FTC, 52,500 Americans have filed…

RYUK: Healthcare on Alert

As if the COVID-19 pandemic were not enough to worry about, the FBI and Department of Homeland Security have issued an unprecedented warning of an “imminent cybercrime threat to US hospitals and healthcare providers.”   Intelligence indicates that a Russian ransomware group known as UNC1878 is planning to deploy ransomware nicknamed “Ryuk” to more than…

Falling Short: Predictive Analytics and Healthcare Security

VertitechIT Executive Project Officer and IT security/HIPAA compliance consultant Teresa Grogan says many healthcare institutions are employing a “set it and forget it” mentality when implementing predictive analytics technology to fight cyber threats. She says that practice is a shortcut that will come back to haunt them. In an interview with Healthcare Info Security, Terry…