New York State Cyber Security Regulations for Financial Institutions Could Be Model for Other States
The first phase of the New York state cyber security regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, finally went into ... Views: 1078
The WannaCry ransomware attack was the end result of years of ignorance on the part of governments, private-sector firms, and the public regarding how serious cyber threats have become.
The 2016 Shadow Brokers NSA hack came home to roost in a big way last week, when a code execution ... Views: 869
Why Your Employees Keep Clicking on Phishing Emails, and How You Can Stop It
The 2017 Verizon Data Breach Report is out, and it’s full of great news – if you’re a hacker. The study, which examined over 1,900 breaches and more than 42,000 attempts in 84 countries, showed that cyberespionage ... Views: 998
The 2017 Verizon Data Breach Report Reveals that Hackers Aren’t Just After Payment Cards and Identities Anymore
Cyberespionage is a growing problem, especially in the manufacturing industry, professional services, education, and the public sector, according to the 2017 Verizon Data Breach ... Views: 1170
Ever have that dream where you are standing in front of an audience with no pants? Well, using your computer without the best antivirus in 2017 leaves you even more exposed.
Every day that you send emails and read your Facebook feed you are showing yourself as vulnerable and technically naked to ... Views: 1241
Hacked Companies Are Facing Data Breach Lawsuits Filed by Financial Institutions
Data breaches aren’t cheap to clean up. Just ask Rosen Hotels, whose costs to clean up a 2016 breach could end up exceeding $2.4 million. Shockingly, that’s below the $4 million average cited by IBM. In addition ... Views: 1530
Yahoo is trying to pass the buck, but data breach responsibility starts at the top.
Who should be held responsible when a company’s systems get breached? Historically, the CIO, the CISO, or both have shouldered the lion’s share of data breach responsibility; well over half of security ... Views: 1003
“ClearEnergy” May Have Been Fake News, But Threats Against ICS / SCADA Security Are Quite Real
Accusations of “fake news” rocked the cyber security industry last week after infosec provider CRITIFENCE implied that it had detected a brand-new “in the wild” ransomware variant called ClearEnergy ... Views: 1031
How RegTech Simplifies Governance, Risk, and Compliance
Complying with standards such as HIPAA, PCI DSS, FISMA, and SSAE 16 SOC reporting is complex, costly, and time-consuming, especially for organizations that must comply with multiple standards. You may have heard the term “RegTech” ... Views: 892
New PCI DSS Ecommerce Best Practices Replace Previous Guidelines Issued in 2013
Consumers love shopping online and are abandoning malls for mobile shopping apps in droves. However, online shopping environments offer multiple opportunities for hackers to steal payment card data. Even worse, as ... Views: 963
K-12 schools, colleges, and universities are attractive targets for hackers. Their networks contain an enormous amount of identifying information on staff members, students, and students’ families, including names, birth dates, addresses, Social Security numbers, and even health records. ... Views: 1001
Be Prepared for these New and Emerging Ransomware Threats
Ransomware threats are everywhere, and the problem is going to get much worse before it gets any better. According to a recent survey, about half of all businesses have experienced a ransomware attack at least once in the last 12 ... Views: 1132
Online shopping is booming, but customers will shun ecommerce if they do not feel their data is secure.
Just as “Video Killed the Radio Star,” ecommerce is making shopping malls go the way of the horse and buggy. In 2016, consumers reported making 51% of their purchases online, up from 48% in ... Views: 1071
In a new report, UC Berkeley’s Center for Long-Term Cybersecurity offers suggestions to President Elect Trump.
Now that the election is over, the nation’s attention has turned to President Elect Donald Trump and what a Trump Administration will mean for cyber security. Notably, information ... Views: 869
What will the state of cyber security look like under a Donald Trump administration?
The election is over, the votes have been counted, and thankfully, other than a few isolated reports of malfunctioning voting machines, Election Night was unremarkable from a cyber security perspective. Now, ... Views: 865
The Mirai botnet DDoS attacks were the largest on record – and they were likely masterminded by teenagers.
In October, a massive DDoS attack on the Dyn DNS “Managed DNS” infrastructure brought down a number of major websites, including PayPal, Twitter, Amazon, Netflix, and Spotify. The attack ... Views: 987
The Yahoo hack demonstrates that cyber security has become a fundamental part of M&A transactions.
Data breaches and a failure to comply with governmental and industry standards can impact a company in many ways, as Yahoo is finding out the hard way. The company’s recent disclosure of a ... Views: 1071
In a heated political climate, even the appearance of vote hacking could threaten our nation’s democracy.
The most contentious issue this election season may not be immigration or minimum wage laws but cyber security; specifically, the specter of vote hacking. Shortly after the discovery that ... Views: 866
The NSA isn’t the only Washington organization being embarrassed by a data breach. The sorry state of cyber security in America has taken center stage in this year’s presidential election. In June, it was discovered that Russian cyber criminals had managed to hack the Democratic National ... Views: 917
In the hit USA Network series Mr. Robot, a rogue group of hacktivists target major corporations and the government. In a recent episode, the group enlists the help of a malicious insider to hack the FBI. Sound far-fetched? Maybe not: Around the same time this episode aired, an anonymous group of ... Views: 859
No organization wants to think that one of its own trusted employees is out to get the firm. However, a study by Intel found that 43% of data losses are the result of “internal actors” – and about half of these incidents were due to the intentional acts of malicious insiders, not accidents or ... Views: 868
Cyber criminals don’t care who they hurt. This was made obvious during the rash of ransomware attacks on healthcare facilities this year, where hackers locked down electronic health records systems, putting patients at grave risk. There is great concern that the proliferation of Internet of ... Views: 1069
As 2016 comes to an end, we look back at six of the year’s worst data breaches and what went wrong.
It seems like not a day went by this year without reports of yet another major data breach, or two or three data breaches. From healthcare to fast food to adult entertainment, no industry was ... Views: 959
Both brick-and-mortar and ecommerce retail stores make attractive targets for hackers, especially during the holidays.
Retail stores are favorite targets of cyber criminals, especially during the holiday shopping season, when brick-and-mortar and ecommerce stores are flooded with customers, ... Views: 881
IoT manufacturers should take heed from the recent Mirai DDoS attacks.
Late last year, a widespread attack on Dyn DNS “Managed DNS” infrastructure wreaked havoc across the internet and brought down a number of major websites, including PayPal, Twitter, Amazon, Netflix, GitHub, and Reddit. ... Views: 898
For Years, Yahoo Put Usability Ahead of Cyber Security
The massive Yahoo data breach, which compromised 500 million user accounts and put its acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times ... Views: 914
If IoT cyber security concerns aren’t addressed, consumers will reject self-driving cars and other smart devices.
Shortly after rideshare company Uber launched a pilot test of self-driving cars in Pittsburgh, competitor Lyft made the bold prediction that most of its cars would be self-driving ... Views: 841
How quickly self-driving cars roll out is dependent on the industry addressing some very serious cyber security issues with smart cars and IoT devices in general.
Self-driving cars are what everyone is talking about, but many people question whether the machine learning and artificial ... Views: 1094
Healthcare is one of the most regulated industries in the U.S. HIPAA, or the Health Insurance Portability and Accountability Act of 1996, requires healthcare organizations and their third-party service providers, such as labs and billing companies, to have data security measures in place to protect ... Views: 867
PCI DSS compliance is serious business for any organization that processes or accepts major payment cards, including SaaS providers that offer payment processing solutions to their customers. Retailers or payment processors who are found to be in violation of PCI DSS can be fined millions of ... Views: 801
Baseball may be America’s favorite pastime, but from the Black Sox scandal to Pete Rose to the “Steroid Era,” cheating schemes have long tarnished the game. Sadly, it was only a matter of time before cheating went high-tech. Last summer, former St. Louis Cardinals executive Chris Correa was ... Views: 835
Over several months last year, an international group of cyber bank robbers, possibly funded by the North Korean government, stole nearly $100 million, threw the integrity of a decades-old banking industry messaging system into question, and remained at large. Sound like the plot of the latest ... Views: 1001
The Hollywood portrayal of a hacker is a mysterious hooded figure sitting in a dark room, furiously tapping away at a keyboard in search of a back door into an organization’s system. However, the real enemy may be sitting in a brightly lit cubicle right outside the CEO’s office; insider threats ... Views: 791
When contracting with a service provider, such as a data center, it is important for companies to ensure that their provider possesses the cyber security-related certifications and compliance standards that are applicable to the company’s industry. Data centers, as well as service providers who ... Views: 790
The next time you buy a burger at McDonald’s or Wendy’s, a computer may be the one asking, “Would you like fries with that?” After decades of depending on human workers to take orders – and payments – American fast food chains are finally moving into the computer age, driven by rising minimum ... Views: 936
Up until now, healthcare cyber security has been focused on protecting patient data, ensuring HIPAA compliance, and, more recently, protecting systems from ransomware attacks. However, as healthcare technology advances, a new threat is emerging: the potential for hackers to attack smart medical ... Views: 1268
In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cyber security threat – and information security in general – seriously. The good news is that although a ransomware attack can ... Views: 842
While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA compliance, a new threat emerged in 2016 and has only gotten bigger in the past year: ransomware attacks on hospitals and healthcare providers that are not seeking to breach patient information but instead ... Views: 846
Confused about PCI DSS compliance and what your business needs to do to comply with it? This article will explain PCI DSS and the importance of complying with this important information security standard.
What is PCI DSS?
PCI DSS stands for the Payment Card Industry (PCI) Data Security ... Views: 889
Confused about HIPAA and whether your business must comply with it? This article will explain HIPAA and the importance of complying with this complex federal law.
What is HIPAA?
HIPAA is the Health Insurance Portability and Accountability Act of 1996, which was signed into law by President ... Views: 924
Don’t let your business get caught on a spear phisher’s hook.
Like regular phishing, spear phishing involves sending legitimate-looking but fraudulent emails asking users to provide sensitive information and/or initiate wire transfers. However, while regular phishing emails are sent out en ... Views: 858
ATMs were designed to protect their cash vaults, not their computer components, which leaves them vulnerable to “jackpotting” cyber attacks.
Earlier this month, the American Bankers Association announced changes to its Bank Capture incident tracking system, which logs data on ATM attacks, as ... Views: 974
New York State Cyber Security Law Heavy on GRC and Proactive Cyber Security
The first phase of the New York state cyber security regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, went into effect at the beginning of March. ... Views: 1133
Despite the escalating intensity and frequency of cyber attacks, fewer than 1/3 of U.S. businesses have purchased cyber insurance policies. A recent report by Deloitte provides insight into why organizations are deciding to go without cyber coverage, as well as why many insurers are hesitant to ... Views: 1178
The word “ransomware” has become synonymous with the healthcare industry, but government ransomware attacks are a growing threat.
Over the past year, the healthcare industry has been battered by an epidemic of ransomware attacks. The problem has become so ubiquitous that it is making their ... Views: 1178
Don’t depend on a cyber insurance policy to cover your losses after a ransomware attack.
Hackers have discovered that there’s fast, easy money in holding enterprise systems hostage, especially in industries that process and store highly sensitive data, such as education and healthcare. The ... Views: 1137
Internet-connected smart toys, a popular holiday gift item, have vulnerabilities that put both children and parents at risk of data breaches and identity theft.
Smart toys, which connect to the internet and offer children a personalized, interactive play experience, were a very popular gift ... Views: 993
K-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as other industries, as these recent incidents illustrate:
• In November 2016, Columbia County School District in Georgia admitted to a breach of ... Views: 894
Doxware Leaks Your Private Data if You Don’t Pay the Ransom
Ransomware began grabbing headlines about a year ago, after Hollywood Presbyterian Medical Center paid hackers thousands of dollars in ransom after it got locked out of its systems. This large payday apparently encouraged hackers to ... Views: 1062
Any organization, whether non-profit or for-profit, small or large, a startup or a well-established and mature business, would drift away from its vision, its mission and, of course, its customers without a strategy. This is a follow-up (see previous 2 postings) article ... Views: 1112