Advertisement

http://insurancethoughtleadership.com/wp-content/uploads/2014/04/bg-h1.png

[sendtokindle]

Byron Acohido

Byron Acohido

Byron Acohido is a business journalist who has been writing about cybersecurity and privacy since 2004, and currently blogs at LastWatchdog.com.

Earlier in his career, as a technology reporter at USA Today, Acohido chronicled the rise of cybercrime and the demise of personal privacy, earning numerous national journalism awards. He is the lead author of “Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity,” which received the 2009 NYSSCPA Excellence in Financial Journalism Award for general audience books.

While at the Seattle Times earlier in his career, Acohido was awarded the 1997 Pulitzer Prize for Beat Reporting and 11 other national awards for investigative stories disclosing a catastrophic design flaw in the rudder controls of Boeing 737s that precipitated two air disasters. Boeing subsequently redesigned the 737 rudder.

Recent Articles by Byron Acohido

The Race Is on for ‘Post-Quantum Crypto’

Y2Q. Years-to-quantum. We’re 10 to 15 years from the arrival of quantum computers capable of solving complex problems far beyond the capacity of classical computers to solve. PQC. Post-quantum-cryptography. Right now, the race is on to revamp classical encryption in preparation for the coming of quantum computers. Our smart homes, smart workplaces and smart transportation […]

What Ethiopia Crash Says About Safety

When news broke about the crash of an Ethiopian Airlines Boeing 737, the first question that popped into my head was whether an older 737 model, still using the flawed rudder actuator, might have been involved. Of course, it was actually the newest iteration of the 737, the Max 8. I’m no longer covering aviation. […]

The Threat From ‘Security Fatigue’

There is no mistaking that, by now, most consumers have at least a passing awareness of cyber threats. Two other things also are true: too many people fail to take simple steps to stay safer online; and individuals who become a victim of identity theft, in whatever form, tend to be baffled about what to do about it. A […]

Security Training Gets Much-Needed Reboot

Using innovative strategies, some companies may be erasing employee security training’s reputation for ineffectiveness. Security training “got a bad rap, because it was so bad,” says Steve Conrad, the founder and managing director of MediaPro, a Bothell, Wash.-based security awareness training company with such clients as Microsoft, Yahoo and Adobe. Old training methods “usually consisted […]

Cyber Crimes Outpace Innovation

IT systems have never been more powerful or accessible to businesses. However, the scope and scale of cyber crimes continues to outpace tech innovation. For years, the challenge for internal IT and security teams has been to use existing company data to construct an integrated picture of oddities and unexpected actions on their network. Recent advancements in machine […]

HBO Breach Raises New Cyber Concerns

Following on the heels of the two globe-spanning ransomware worms, the HBO hack—with its distinctive blackmail component—rounds out a summer of extortion-fueled hacks and destruction and theft of valuable data at an unprecedented scale. WannaCry and Petya raced around the planet demanding ransoms after locking up servers at hundreds of organizations. The HBO hackers pilfered 1.5 terabytes of intellectual property and […]

How to Mitigate Cyber Threats

Employees often are seen as the weakest link in cybersecurity. Breaches by hackers may hit the headlines, but human error (or intent) is responsible for the majority of attacks. IBM’s 2016 Cyber Security Index reported that insiders carried out 60% of all attacks. Three-quarters of these attacks were malicious, and a staggering 25% of breaches were accidental. See also: How […]

VPNs: How to Prevent a Data Breach

As prices come down, virtual private networks (VPNs) are becoming a must-have tool for many small- and medium-size business owners. The growing popularity is a reflection of the chaotic times in enterprise computing, marked by malware and ransomware targeting vulnerable systems and a decentralized work force of globetrotting employees juggling several gadgets at once. More SMB data is now stored in […]

Cyber Measures Starting to Pay Off

Organizations pay a hefty price for a data breach, but the cost, for the first time, has dropped, a 2017 IBM Security study conducted by the Ponemon Institute has found. The study, which interviewed more than 1,900 individuals at 419 organizations in 11 countries, found the average cost of a data breach is $3.6 million—a 10% decrease from IBM Security’s 2016 study. Incidents with fewer […]

Security of Medical Devices Needs Care

Medical devices, such as pacemakers, insulin pumps and defibrillators, could become lethal in the hands of a hacker tampering with them remotely. A new study that shows medical devices—and patients—are vulnerable to cyber attacks is a wake-up call for manufacturers, according to a Silicon Valley software company that sponsored the study. Device manufacturers must change their culture and look at security […]

Cyber Dangers to Critical Infrastructure

Many critical infrastructure systems, such as those that control the electric grid, oil and gas refineries and transportation, are now getting linked to the internet. That makes them easier to manage and maintain but also could put them in the line of fire for cyber attacks. I recently discussed the issues involved in upgrading and […]

Don’t Hit Snooze Button on Cyber Threat

WannaCry was a wake-up call. Petya is a wake-up call. Last I checked, wake-up calls were meant to bring about change. After WannaCry, we saw a massive surge in patching around the globe, not to mention a 22-year-old “accidental hero” in the U.K. who helped halt the malicious software. It’s proof that beating the drum […]

How to Shield Your Sensitive Data

Recent high-profile photo hacks have made headlines. In March, internet hackers targeted celebrities including Miley Cyrus, Emma Watson and Amanda Seyfried, resulting in the leak of intimate photos that were posted on sites such as 4chan and Reddit. Similarly, back in 2014 hacker Ryan Collins exposed nude photos and videos of several celebrities after obtaining them from […]

Best Practices for Cyber Threats

All any company decision-maker needs to do is pay heed to the intensifying regulatory environment to understand that network security has become a mission-critical operational issue. Consider that the Colorado Division of Securities is implementing 90 pages of new rules to clarify what financial “broker-dealers” and investment advisers must do to protect information stored electronically. That’s on […]

Cyber: How to Fix the Human Factor

More than ever, chief security officers are being held accountable for keeping their businesses safe. Phishing attacks, data breaches, ransomware and the ever-increasing access by employees to technology and data are driving this accountability. But there’s only so much that technology solutions can do to protect against threats. What else should organizations do? It turns […]

Healthcare Needs a Data Checkup

As the healthcare industry continues to digitize, data protection technology has not been able to keep pace. Unfortunately for industry participants, healthcare has become a top target for state-sponsored and free-agent hackers. In fact, a study released by Michigan State University in April 2017 found that healthcare providers reported 1,225 of the total 1,798 data breaches in […]

How to Anticipate Cyber Surprises

The WannaCry attack, the biggest ransomware attack in history, is not over. It has had an impact on companies in at least 150 countries, leaving organizations around the world wondering if they might be affected by subsequent waves. It’s critical to keep in mind that effective mitigation of ransomware (and similar) attacks is accomplished with […]

5 Best Practices in Wake of WannaCry

In the world of cybersecurity—particularly for small- and midsize businesses—progress tends to be achieved in fits and starts. Rare is the SMB that has the patience and focus to take a methodical approach to improving network security over an extended period. So when news of the WannaCry outbreak grabbed the mainstream media’s attention recently, fear […]

Healthcare Firms on Hit List for Fines

When the Health Insurance Portability and Accountability Act (HIPAA) became law in 1996, the internet was an infant. Physicians walked around with paper charts. A “tablet” referred to a pill. And the typical cyber attack aimed to simply deface a website. But with the evolution of the electronic age, the majority of the nearly 1.2 […]

WannaCry Portends a Surge in Attacks

The landmark WannaCry ransomware attack, I believe, may have been a proof of concept experiment that inadvertently spun out of control after it got released prematurely. But now that it’s out there, WannaCry signifies two developments of profound consequence to company decision-makers monitoring the cybersecurity threat landscape: It revives the self-propagating internet worm as a […]

Machine Learning to the Rescue on Cyber?

Machine learning has been a staple of our consumer-driven economy for some time now. When you buy something on Amazon or watch something on Netflix or even pick up groceries at your local supermarket, the data generated by that transaction is invariably collected, stored, analyzed and acted upon. Machines, no surprise, are perfectly suited to […]

3 Things on Cyber All Firms Must Know

Managed security services providers, or MSSPs, continue to rise in presence and impact—by giving companies a cost-effective alternative to having to dedicate in-house staff to network defense. In the thick of this emerging market is Rook Security. I spoke with Tom Gorup, Rook’s director of security operations, about this at RSA 2017. A few takeaways: […]

Now Is the Time for Cyber to Take Off

Uncertainty about several key variables appears to be causing U.S. businesses and insurance companies to move cautiously into the much-heralded, though still nascent, market for cyber liability policies. Insurers continue to be reluctant to make policies more broadly available. The big excuse: Industry officials contend there is a relative lack of historical data around cyber […]

How to Train for Range of Cyber Threats

According to a PWC Global State of the Information Security Survey in 2015, the number of cybersecurity incidents has been increasing at an annual rate of 66%. Both the range and complexity of cyber threats are expanding—from ransomware to compromises of critical infrastructure. Yet, when those threats materialize, too few businesses and government entities have […]

Slump in VC Spending on Cyber?

Venture capital funding in cybersecurity is cooling. And it’s show-me time for startups battling for the dwindling pool of funds. While the cybersecurity market is maturing, startups are still innovation drivers and venture capitalists are keen on finding the next big unicorns. Large enterprises’ tendency to juggle products from multiple vendors—despite their wishes for seamless, […]

Can Your Health Device Be Hacked?

What seemed like a farfetched scenario out of Hollywood four years ago is now yet another reality that security experts have been warning about. In the screen version, the U.S. vice president is assassinated on the TV show “Homeland” after a hacker takes control of his pacemaker and stops his heart—making it look like a […]

SMBs Need to Bulk Up Cyber Security

Third-party risks—the notion that a contractor or a supplier could inadvertently expose the first-party organization to a network breach—may not be the sexiest cybersecurity issue out there. But at RSA 2017—the weeklong cybersecurity conference that drew 43,000 attendees to San Francisco’s Moscone Center last month—there was much talk that third-party risks are destined to ascend as […]

Are Passwords Finally Becoming Passé?

It looks like 2017 is continuing right where 2016 left off—with news of a massive data leak and thousands of passwords being exposed on the internet and cached by search engines. This refers to the gaping security flaw recently discovered in the widely used Cloudflare service. It goes without saying that you should immediately change […]

Cyber Attacks Shift to Small Businesses

Small- and mid-sized businesses (SMBs) are increasingly at risk for data breach class-action lawsuits that typically have targeted large corporations. Large companies are learning to address cyber threats. Hackers are responding by setting their sights on SMBs. So it’s simply more productive and efficient to attack poorly protected companies that could take weeks or even […]

New Approach to Cyber Insurance

The most active players in the fledgling but fast-growing cyber insurance market are hustling to differentiate themselves. The early adopters and innovators are doing so by accelerating the promotion of value-added services—tools and systems that can help companies improve their security postures and thus reduce the likelihood of ever filing a cyber damages claim. As […]

A ‘Credit Score’ for Your Cyber Risk?

It’s safe to say that the vast majority of companies can, and probably should, be doing a lot more to improve the security posture of their business networks. What most organizations probably do not realize is that there is an entity paying very close attention to just who is consistently following security best practices—and who […]

Most Firms Still Lack a Cyber Strategy

Despite awareness that hackers are relentlessly launching cyber attacks, according to a new survey, most companies say they don’t have a clearly defined risk strategy or one that applies to the entire company. The survey, conducted by the Ponemon Institute and sponsored by RiskVision, polled 641 individuals involved in risk management within their organizations. More […]

Cybersecurity: Firms Are Just Sloppy

Two more stunning disclosures from self-styled internet watchdog Chris Vickery underscore how organizations continue to routinely expose sensitive data in the cloud, risking dire consequences. “My findings clearly demonstrate that data breaches happen more often than the general public realizes, and companies are quick to deny and cover up these issues,” Vickery says. Vickery has […]

Your Social Posts: Hackers Love Them

Social media is embedded in our lives—Facebook alone had 1.79 billion daily users as of September 2016—which means cyber criminals are not far behind. As companies increasingly rely on this digital channel for marketing, recruiting, customer service and other business functions, social media also has become a highly effective vehicle for cyber attacks. Outside of […]

Cybersecurity Holes in Connected Cars

The photo was jarring. A Jeep Cherokee stalled in a ditch after hackers remotely disabled its brakes. No one was hurt. The experiment in St. Louis was a coordinated hack designed and carried out by Charlie Miller and Chris Valasek, security researchers at Uber’s Pittsburgh-based Advanced Technologies Center. Miller and Valasek sought to prove a point […]

Understand the Nuts and Bolts of Cyber

Answering the growing demand for cyber risk insurance, many carriers have joined the market. But buying a policy for an organization, especially for the first time, can be a confusing process. Not only are insurance carriers inconsistent in the type of coverage they offer, but buying this type of insurance is different than the more […]

Machine Learning May Tip Balance on Cyber

Smart CSOs and CISOs are moving from post-incident to pre-incident threat intelligence. Instead of signature and reputation-based detection methods, they are looking at artificial intelligence innovations that use machine learning algorithms to drive superior forensics results. In the past, humans had to look at large sets of data to distinguish the good characteristics from the […]

Hackers Turn HTTPS to Their Advantage

Encryption is a two-edged sword. Over the past few years, the tech sector—led by Google, Facebook and Twitter—has implemented a form of encryption to help secure virtually all of our online searches, social media banter and mobile apps. When you search for something or use social media online, a robust form of encryption protects your […]

Huge Cyber Blind Spot for Many Firms

There is a large blind spot most organizations fail to recognize and protect—the mobile network. Today, employees use their mobile devices to access business-related information more than ever. According to recent Business Wire research, 72% of organizations have adopted Bring Your Own Device (BYOD) policies to some extent, and an additional 9% plan to do […]

Nigerian Scammers Have a New Target

Nigerian 419 scams have been around seemingly forever, seducing one victim at a time. But now some veteran 419 con men have shifted their focus to targeting small- and medium-size businesses for systematic thievery that pivots off how SMBs have come to rely on email as a payment tool. Classic 419 advance-fee scams trick one […]

Why More Attacks Via IoT Are Inevitable

The massive distributed denial of service (DDoS) attack that cut consumers off from their favorite web haunts recently was the loudest warning yet that cyber criminals can be expected to take full advantage of gaping security flaws attendant to the Internet of Things (IoT). For much of the day, on Friday, Oct. 21, it was […]

First Line of Defense on Cyber Risk

Anonymous theft and abuse of business data is a growing risk for many organizations. Most security initiatives aimed at this problem begin with piecemeal technical controls, such as trying to block and account for things like USB drives or mobile devices with software and policies. However, zeroing in on technical countermeasures first is looking at the problem […]

The Problems With Encryption

Newly released findings from the Ponemon Institute and A10 Networks reveal that nearly half of cyber attacks in the past 12 months used encryption to evade detection and distribute malicious software. These findings challenge how we think about the powerful technology we use to protect privacy, security and authenticity. They also demonstrate very effectively how […]

The Growing Problem of Ransomware

As senior security research engineer at security and compliance automation vendor Tripwire, Travis Smith spends his days studying the chess moves made by cyber criminals on the cutting edge. The hottest, most lucrative criminal activity of the moment is ransomware, the cyber detective says. The most common variant revolves around getting a victim to click […]

Why Connected Cars Are So Vulnerable

Connected automobiles are just like any Internet of Things device, in that they have an identifying address on a network and are susceptible to being targeted. Vehicles are built with several electronic control units (ECUs) that manage such systems as the infotainment setup. These systems require connection to a back end, typically, the automaker, which […]

What to Know About Battling Botnets

The persistent, pervasive badness on the internet is made possible by the existence of a vast, self-replenishing infrastructure of botnets. Cyber criminals go to great lengths to keep their botnets running at high efficiency. ThirdCertainty asked Tim Helming, director of product management at Domain Tools, to outline how and why botnets continue to thrive—and what the […]

Employee Benefits: ID Theft Coverage

Employers looking to dial up the correct mix of benefits to retain valued employees are increasingly including identity theft protection services as a perk. Research firm Willis Towers Watson predicts identity theft protection, offered by 35% of employers in 2015, could double to nearly 70% by 2018, making it the fastest-growing type of employee benefit over […]

5 Things to Know About ‘Hacktivism’

In July 2015, a hacker who goes by the name Phineas Fisher breached an Italian technology company, Hacking Team, that, ironically, sells spying and hacking software tools. Fisher exfiltrated more than 400 gigabytes from the company and declared his motive was to stop its “abuses against human rights.” “That’s the beauty and asymmetry of hacking: With […]

As IoT Expands, Risks Grow Even Faster

Get used to it. The Internet of Things is here to stay. In fact, IoT is on a fast track to make all manner of clever conveniences part of everyday commerce and culture by the close of this decade. Tech research firm Gartner estimates IoT endpoints will grow at a breakneck 32% compounded annual growth […]

Ransomware Threat Growing for Phones

There’s been a scary increase in successful ransomware attacks against large organizations this year. Specifically, hospitals have found themselves at the mercy of hackers who demand ransom payments to unlock critical system files. Recently, there have been signs that these criminals have moved on to universities, too. The University of Calgary admitted to Canadian media […]

How to Measure ‘Vital Signs’ for Cyber Risk

By now, senior directors at most organizations probably are cognizant of the proliferation of network breaches and fully grasp the notion that risk mitigation must be brought to bear. However, cybersecurity practitioners can be notoriously poor communicators. Many lack the jargon-free communication skills to present a clear picture of rising cyber exposures, one that can […]

Firms Must Redefine Cyber Perimeter

The rising business use of cloud services and mobile devices has opened a Pandora’s box of security exposures. Software as a service (SaaS) tools such as Salesforce.com, Gmail, Office 365 and Dropbox, as well as social media sites such as Facebook, LinkedIn and Twitter, are all being heavily leveraged by companies to boost productivity and collaboration. This SaaS […]

Paradigm Shift on Cyber Security

You’ll get no argument from anyone in the global cybersecurity community if you make this statement: “There needs to be a paradigm shift in the way organizations of all sizes view information security.” There are unmistakable signs that such a sea change is underway, driven by intensifying cyber exposures. But organizational change at a macro […]

How to Find Cyber Threats in Real Time

No matter how robust a company’s cyber defenses, the bad guys seem to find a way to get in. And when — not if — they do, it could take weeks, or even months, to detect them and assess the damage. Building off the premise that spending a lot of money “trying to prevent the […]

2 Novel Defenses to Hacking of Browsers

Cyber attackers continue to exploit a significant security gap found in a familiar tool used pervasively in all company networks: the common web browser. Mozilla Firefox, Google Chrome, Microsoft Explorer and Apple Safari all use an architecture that makes it relatively easy for an attacker to embed malicious code on an employee’s computer — and […]

Failures of Two-Factor Authentication

How can a bank — or any organization — become less secure in its attempts to become more secure?  Let me tell you. Security must do two things: protect and enable. If your security doesn’t enable people to do what they have to do, they will inevitably circumvent it, creating all sorts of exception conditions as […]

New Attack Vector for Cyber Thieves

It has become commonplace for senior executives to use free Web mail, especially Gmail, interchangeably with corporate email. This has given rise to a type of scam in which a thief manipulates email accounts. The goal: impersonate an authority figure to get a subordinate to do something quickly, without asking questions. The FBI calls this […]

Cyber, Tech Security Start to Merge

A convergence between the cyber insurance and tech security sectors is fast gaining momentum. If this trend accelerates, it could help commercial cyber liability policies create a fresh wellspring of insurance premiums, just as life insurance caught on in the 1800s and auto policies took off in the 1900s. The drivers of change are substantive. As […]

IRS Is Stepping Up Anti-Fraud Measures

The Internal Revenue Service is taking as long as 21 days to review tax returns, according to research from fraud prevention vendor iovation, a clear sign that Uncle Sam has stepped up anti-fraud measures. Even so, tax return scams that pivot off stolen identity data continue to rise for the third consecutive tax season. The latest twist: […]

How to Eliminate Cybersecurity Clutter

Earlier this year, defense contractor Raytheon spun out the cybersecurity services it had been supplying via Raytheon Cyber Products into a new business entity called Forcepoint. Forcepoint is also composed of security software vendor Websense and next-generation firewall vendor Stonesoft, both of which Raytheon acquired in the past year or so. See Also: Cyber Threats to […]

Chip Cards Will Cut Cyber Fraud — for Now

Visa has released data showing adoption of Visa chip cards by U.S. banks and merchants is gathering steam. But the capacity for Europay-Mastercard-Visa (EMV) chip cards to swiftly and drastically reduce payment card fraud in the U.S. is by no means assured. Just look north to Canada, where EMV cards have been in wide use […]

Spear Phishing Attacks Increase

Spear phishers continue to pierce even well-defended networks, causing grave financial wounds. Spear phishers lure a specific individual to click on a viral email attachment or to navigate to a corrupted Web page. Malicious code typically gets embedded on the victim’s computing device, giving control to the attacker. A recent survey of 300 IT decision-makers […]

Ransomware: Growing Threat for SMBs

Ransomware, a cyber scourge that appears on the verge of intensifying, poses an increasingly dire threat to small- and medium-sized businesses (SMBs) in 2016. In a ransomware attack, victims are prevented or limited from accessing their systems. Cyber criminals attempt to extort money by first using malware to encrypt the contents of a victim’s computer, then […]

Cyber Threats to Watch This Year

2015 was a year in which cyber criminals continued to innovate and expand their activities. As 2016 commences, look for insider threats to take center stage and for leading companies to respond. Meanwhile, cybersecurity and privacy issues will continue to reverberate globally. Here are a few predictions for the coming year: Cyber threats and elections– Threat […]

Expect More Cyber Turbulence in 2016

In February 2015, Anthem, the nation’s second-largest health care insurer, disclosed losing records for 80 million employees, customers and partners. That was followed a few weeks later by Premera Blue Cross admitting it lost records for 11 million people. Then in July 2015, the U.S. Office of Personnel Management began a series of mea culpas. OPM ultimately conceded that hackers […]

Use of Cloud Apps Creates Data Leakage

A large U.S. cable television company recently sought to better understand how its employees were using cloud apps to stay productive. Management had an inkling that workers routinely used about a dozen or more cloud file sharing and collaboration apps. An assessment by CipherCloud showed the employees actually were using 204 cloud services that posed […]

Firms Ally to Respond to Data Breaches

More companies than ever realize they’ve been breached, and many more than you might think have begun to put processes in place to respond to breaches. A survey of 567 U.S. executives conducted by the Ponemon Institute and Experian found that 43% of organizations reported suffering at least one security incident, up from 10% in […]

Scammers Taking Advantage of Google

Some 500 million people use Gmail and Google Drive. I’m one of them. Gmail and Google Drive are wonderful for communicating and collaborating. But it turns out they’re also ideal tools for hacking into your computing device. Bad guys on the cutting edge have discovered this. And their success so far indicates attacks manipulating Google’s […]

Predictive Tech Can Preempt Cyber Threats

In the ever-evolving landscape of cyber threats, for many organizations, simple detection and remediation is no longer enough. Some cybersecurity companies are now going one step further-providing predictive intelligence that can preempt threats. In September, Triumfant became the latest to enter this growing field, through a partnership with Booz Allen Hamilton. “If you’re just offering […]

Third Parties Pose Problems With Cyber

In today’s cyber world, business is done digitally. Trusted cyber relationships between partners must be formed to effectively conduct business and stay at the forefront of innovation and customer service. Having these trusted partnerships comes with a major drawback, however. Look at it from this perspective: If your organization is the target of a malicious […]

The Moneyball Approach to Cyber

It took a while for me to understand baseball: I didn’t get it until someone pointed out that I was watching the game when I should have been watching the season. Much of the game’s strategy snapped into focus — and the differentiation between game-day action and long-term success illustrates key lessons that information security […]

The Need for a Security Mindset

Keeping antivirus software protection current on all company-owned computing devices has become an essential business practice. That’s not a simple endeavor. ThirdCertainty recently sat down with Andy Hayter, security evangelist at antivirus vendor G Data Software, to discuss the intricacies of managing antivirus solutions effectively, particularly in small and mid-sized companies. (Answers edited for clarity […]

How to Keep Malware in Check

Firewalls are superb at deflecting obvious network attacks. And intrusion detection systems continue to make remarkable advances. So why are network breaches continuing at an unprecedented scale? One reason is the bad guys are adept at leveraging a work tool we all use intensively every day: the Web browser. Microsoft Explorer, Mozilla Firefox, Google Chrome […]

Your Device Is Private? Ask Tom Brady

However you feel about Tom Brady, the Patriots and football air pressure, today is a learning moment about cell phones and evidence. If you think the NFL had no business demanding the quarterback’s personal cell phone—and, by extension, that your company has no business demanding to see your cell phone—you’re probably wrong. In fact, your […]

Financial Malware Uses Macros to Infect

A new breed of financially focused malware has cropped up, using new tactics to evade detection and infect harder-to-compromise systems. The Dyre botnet has successfully compromised tens of thousands of victims in North America. Another banking trojan, Dridex, has successfully compromised thousands of systems in Europe and is increasingly targeting companies and users in the U.S. […]

Surveillance Cams: A Hacker’s Delight

It didn’t take much tech savvy for the creator of the website insecam.com to aggregate web links to more than 73,000 live surveillance cameras in 256 countries. The result: Anyone can use insecam.com to tap into any of these webcams and see what they’re pointed at, mostly in commercial properties. Each of these webcams uses […]

Phishers’ New Ruse: Trusted Tech Brands

Most of us don’t think twice about opening and maintaining multiple free email accounts where we live out our digital lives. And we’re getting more and more comfortable by the day at downloading and using mobile apps. Yet those behaviors can harm us. ThirdCertainty sat down with David Duncan, chief marketing officer for threat intelligence […]

Pros and Cons of ApplePay Security

ApplePay, the mobile payments service introduced by Apple in October 2014, could ultimately set the security and privacy benchmarks for digital wallets much higher. Even so, the hunt for security holes and privacy gaps in Apple’s new digital wallet has commenced. It won’t take long for both white hat researchers and well-funded criminal hackers to […]

Data Security Critical as IoT Multiplies

When this century commenced, delivering new technology as quickly as possible, with scant concerns about quality, became standard practice. Consumers snookered into buying version 1.0 of anything were essentially quality-control testers. How soon we forget. As we enter the age of the Internet of Things, companies are pushing out computing devices optimized to connect to […]

How to Measure Data Breach Costs?

Businesses typically have a hard time quantifying potential losses from a data breach because of the myriad factors that need to be considered. A recent disagreement between Verizon and the Ponemon Institute about the best approach to take for estimating breach losses could make that job a little harder. For some time, Ponemon has used […]

Yet Another Data Breach in Healthcare

CareFirst BlueCross BlueShield stepped forward on Wednesday to disclose yet another major breach of a health care insurer, this one affecting 1.1 million people. Hackers accessed a database to steal the names, user names, birth dates, email addresses and subscriber ID numbers of about 1.1 million current and former CareFirst customers and business partners. The […]

Unstructured Data: New Cyber Worry

Companies are generating mountains of unstructured data and, in doing so, unwittingly adding to their security exposure. Unstructured data is any piece of information that doesn’t get stored in a database or some other formal data management system. Some 80% of business data is said to be unstructured, and that percentage has to be rising. Think […]

Fraud: When Mom Is Your Worst Enemy

Mother’s Day is a special time to celebrate all those kisses and hugs, the rides to the mall, the doctors’ appointments, the countless soccer-basketball-baseball games, a special note tucked into a pocket or care package sent to camp. But remember, sometimes it’s what a person doesn’t do that matters, and some moms are just bad […]

‘Smart Cities’ Are Wide Open to Hackers

A monster storm is on a collision course with New York City, and an evacuation is underway. The streets are clogged, and then it happens. Every traffic light turns red. Within minutes, the world’s largest polished diamond, the Cullinan I, on loan to the Metropolitan Museum of Art from the collection of the British crown […]

Cloud Apps Routinely Expose Sensitive Data

An alarming number of cloud-based apps used by enterprise employees don’t encrypt data at rest or require two-factor authentication. And an astounding number of employees are still uploading highly sensitive data to the cloud and sharing files on unsecured platforms, according to the Cloud Adoption Risk Report Q4 2014 from cloud security vendor Skyhigh Networks. Security […]

2015 Is Watershed for Healthcare Hacking

Predictions that 2015 would be a watershed year for stolen healthcare records are bearing out. Health insurer Premera Blue Cross has disclosed that a cyber attack that commenced in May 2014 resulted in exposure of medical data and financial information of 11 million customers. Stolen records included claims data and clinical information, as well as financial […]

Stunning Patterns Found in the Dark Net

One of the most powerful technologies for spying on cyber criminals lurking in the Dark Net comes from a St. Louis-based startup, Norse Corp. Founded in 2010 by its chief technology officer, Tommy Stiansen, Norse has assembled a global network, called IPViking, composed of sensors that appear on the Internet as vulnerable computing devices. These […]

Geopolitical Goals for Healthcare Hacking?

Did China orchestrate the massive hack of Anthem, the nation’s No. 2 healthcare insurer, to steal intellectual property it needs to jump start a domestic healthcare system? That’s one scenario being discussed by the security community and would fit the pattern of not just China, but other nations, stepping up cyber attacks to pursue geo-political […]

Why Medical Records Are Easy to Hack

If hacked credit and debit card account numbers are like gold in the cyber underground, then stolen healthcare records, containing patient information, are like diamonds. Private details such as Social Security numbers, birth dates, physical descriptions and patient account numbers historically have been recorded on paper and stashed away in physical file folders and cabinets. […]

The Dangers Lurking in Public WiFi

Free WiFi access points (APs) are a great convenience for consumers and can be a productivity booster for business travelers. But they also present ripe opportunities for hackers. ThirdCertainty asked Corey Nachreiner, WatchGuard Technologies’ director of security strategy, to outline this exposure. 3C: What risks do consumers and business travelers take when using WiFi services in […]

How HR Can Stop Insider Data Theft

After Edward Snowden’s escapades, how could any company fail to take simple measures to reduce its exposure to insider data theft? Yet large enterprises remain all too vulnerable to insider threats, as evidenced by the Morgan Stanley breach. And many small and medium-sized businesses continue to view insider data theft as just another nuisance piled on to […]

Will 2015 Top 2014 in Security Exposures?

It’s hard to imagine how 2014 could be surpassed as the worst year for massive identity theft and data loss exposures. The news developments of 2014 were relentless and mind-numbing. Heartbleed and Shellshock rose to the fore as two of the nastiest Internet-wide vulnerabilities ever to come to light. Heartbleed exposes the OpenSSL protocols widely […]

Connect With Byron Acohido

  • Auto Insurance
  • Cyber
  • Healthcare
  • Innovation & Technology
  • Personal Risk Management
  • Property/Casualty
  • Uncategorized
Do NOT follow this link or you will be banned from the site!