About five years ago everyone who worked in IT was talking and thinking about how to deal with the impending end-of-life for the massively popular Windows XP operating system. At that time, I was part of countless meetings, email chains, and phone calls that discussed what the best method was for keeping XP on networks past the official end of support from Microsoft. At the time, most of us in IT had not dealt with anything like that: a
The start of a new year causes us to reflect on the past year and determine both the current state of the industry as well as where we are heading. As 2018 began, everyone pored over the 2017 annual reports and was, once again, bemoaning the sorry state of the healthcare industry’s security posture. According to HHS, there were 289 breaches reported in 2018 which is more than last year, but the total number of records lost has gone down
One of the most dreaded terms in the world of information technology and security (IT/IS) is “documentation”. Not because it isn’t massively helpful to everyone, or really for any reason other than it is difficult and fairly time-consuming to make in the first place. But, a secret your IT staff doesn’t want you to know is just how much thorough documentation can improve almost all aspects of IT/IS. The list of things that can be optimized by thorough documentation
A few days ago, a new vulnerability was found that affects the security of encrypted data, specifically on full-disk encrypted drives using hardware encryption protocols. For some time now, it has been considered best practice in Infosec - regardless of vertical - to rely on full-disk encryption to protect sensitive data from theft. The premise of this practice is that if a hard drive encrypted using Microsoft’s BitLocker or other commercial alternatives, or the device in which it resides,
IoT security is one of the most concerning and critical issues that we in healthcare face on a daily basis. All industries are affected by IoT devices threatening the integrity of their network with consumer “smart” devices and industrial control systems (ICS) being common endpoints in all networks. For some reason that I have not yet been able to pin down, almost everyone has been ignoring the dangerous little devices they have on their networks and this negligence has
I have been writing about penetration testing and its related skills for some time now but haven’t yet taken a good deep dive into web application penetration testing. In many ways, web application penetration testing is very similar to any other pentest, but there are some key differences and a few tools that are better suited to web application testing specifically. One of the key differences between an external web application pentest and a typical internal pentest is the
“Endpoint” is a term that seems to have a variable definition in many of today’s organizations. As the name itself suggests, an endpoint is simply any connected device capable of processing, transmitting, or storing data packets. Despite this relatively simple definition, many organizations I have worked with are unable to produce a complete list of the total number of endpoints they have. This issue is exacerbated by the nature of the modern hospital and how device ownership is divided.
Why are we so bad at detecting and protecting against security incidents? Attackers need only find a single flaw that will allow them to gain entry to a system. Those that protect them, on the other hand, have to think of every possible avenue an attacker can use. Logic dictates that this is simply not possible. In fact, only 45% of the healthcare organizations sampled for our annual report were considered to have any level of maturity by NIST
On the Ides of March, or very close to it on March 7th, I will take the HIMSS 2018 stage with Chuck Kesler, CISO of Duke Health, talking to our fellow healthcare IT professionals about penetration testing and hacking. This is a particularly pertinent topic since the healthcare industry has become a major target for attackers in recent years. It has become a veritable race between the attackers and the protectors. Who will find the vulnerabilities first? Unfortunately, finding
In order to explore the likely cybersecurity trends coming our way in 2018, we must first take a quick look back at 2017. Last year was a banner year in about as many ways as one can think of. Unfortunately, most of those “banners” are for disasters of every sort. Today we are looking at the world of healthcare and how cybersecurity fared last year. Unfortunately, the story is not much better, particularly when we focus on healthcare cybersecurity.