Today we all communicate constantly over the internet. Some people say we spend too much time on our mobile devices and we do not interact enough with the world and with the people around us. However, that is a discussion for another time. In this blog post we want to discuss how we keep our internet communications secure from eavesdropping.
About Christian Espinosa
This author hasn't written their bio yet.
Christian Espinosa has contributed 110 entries to our website, so far.
Hacking seemed like an arcane art, only mastered by those willing to spend years pouring over dusty tomes of x86 assembly language manuals and protocol RFCs. It did not occur to us that many of the vulnerabilities could be exploited by anyone with basic web development coding skills and the willingness to spend a few hours on research. One of these mysterious incantations was the dreaded “SQL Injection” attack. What exactly could one do with a SQL Injection attack, anyway? No one was quite sure, but since our software was going into a secure military installation, we were pretty sure that the perimeter defenses would prevent anyone from harming it.
The CIS Critical Controls were developed as a framework to not only ensure the successful realization of basic cybersecurity hygiene, but to lead to the planning and implementation of a robust security protocol. To build any cybersecurity protection schemata, it is necessary to know the extent of what it is you are protecting.
It is often easy to take the “that could never happen to me” mentality. We’ve all heard the story of someone’s uncle who was catfished out of his life savings by someone from another country whom he never met, but is the love of his life. While the need for human connection may not be every individual’s weak point, everyone has at least one. In the business environment, humans are invariably the weak link in the security chain. Cybercriminals are particularly adept at manipulating the human element to extort money, intellectual property, and resources.
The Internet of Medical Things (IoMT) is one of the most revolutionary developments in healthcare today. It empowers physicians to monitor patients remotely by providing the patient with network-enabled devices. These devices can track a wide variety of processes, from medication compliance to blood glucose level. Recalls of IoMT devices include pacemakers, infant heart rate monitors, insulin delivery systems, drug infusion pumps, and more. The time is now to focus on IoMT cybersecurity.
At the small to midsize business level, cyberattacks aren’t merely annoying — they can spell certain doom for those already struggling to get by. Hence the need for robust security protocol. That’s exactly what the Center for Internet Security provides with its Top 20 list of Critical Security Controls. While these controls have been in the making for well over a decade, they’ve recently gained greater prominence at the federal and state level — and among private entities. In this blog we offer an in-depth overview of this critical security tool, as well as suggestions for implementation.
Ransomware’s sister threats are a different form of cyber crime called cyber blackmail or cyber extortion. Blackmail doesn’t necessarily involve sophisticated technology. But ransomware and cyber extortion typically do. While these two types of malware share common themes, they also differ in key respects. What’s the difference between ransomware and extortionware? And what can you do to prevent your company from becoming a victim of cyber crime?
A cyber threat map, also known as a cyber attack map, is a real-time map of the computer security attacks that are going on at any given time. One of the most famous was released by the company Norse and went so viral, even among non-hackers, that it got its own story in Newsweek in 2015.
Warfare is no longer about dumping thousands of men in a field and shooting at each other. Today, non-governmental forces are packing explosives onto commercially available drones and flying them over crowded areas. This past August, a dissident organization called Soldiers in T-Shirts attempted to assassinate Venezuelan President Nicolás Maduro using a drone. While this attempt was unsuccessful, it marked the first time — but almost certainly not the last — that a paramilitary organization tried to assassinate a sitting head of state with a drone.
Hacking humans with nanotechnology may sound like a concept from a futuristic science fiction novel or movie, but the truth is, it’s not that far off and it could be the next big cyberthreat. If you thought data breaches involving your social security number or credit card information were scary, imagine the ramifications nanotechnology hacking.
It happens across industries, from refrigerator repair to software sales. You get good enough at your job, you get promoted to management and then become an executive. The field of information security is no exception. What skills do you need to be an effective CISO and what is the Certified CISO program? This blog covers these topics.
This blog features an interview of Alpine Security’s CEO, Christian Espinosa, on medical device security by Caroline Cornell, originally posted at classaction.com. Medical devices have largely been neglected from a cybersecurity perspective. Many of these devices run legacy operating systems, are full of vulnerabilities, and were not intended to be connected to hospital networks.
Penetration testing, also known as ethical hacking, is one of the hottest jobs in tech today. What other career lets you pretend you’re in The Matrix, working your way into systems like a top-level hacker, all without breaking any laws. Oh, and you’re getting paid for it.With a real-world penetration testing job, though, you’re not just playing at hacking into systems. You actually are hacking into systems, and your employer’s very existence may depend on your ability to do it.
Penetration testing, also known as pen testing, is an ethical hacking tactic that helps companies protect themselves. Penetration testers try to break into clients’ digital systems to find weaknesses before a black hat hacker does. This is a growing field as companies seek to prevent the high profile data breaches that have happened in recent years. The top penetration testing certifications can help you get into this field.
Hacked medical devices could be the next big security nightmare. There are currently between 10 and 15 connected devices per hospital bed in the United States, many of which are vulnerable to attack.
Organizational leaders must understand that comprehensive, risk-based decisions are vital to balancing the force multiplying effects of information systems with the risk of those systems being inherently vulnerable to exploitation. If you want to prevent or reduce the likelihood of an attack, you have to risk management strategy: how your organization will frame, assess, respond to and monitor risk over time.
If you are looking for the best cybersecurity career path this article has everything you need. We explain the best post graduation steps you need to take to get your foot in the door with major cybersecurity companies.
If you run a business that manages sensitive data, you’ve got to be concerned with your cybersecurity. In this article, we’ll break down the 8 most common types of cyber attacks and how to stop them.
Whether you want to get an entry-level cybersecurity position or you just want to enhance the skills you already have, here is a list of the top 5 cybersecurity certifications employers are looking for.
As a healthcare facility who deals with a lot of sensitive information, you have to make sure you’re HIPAA compliant. In this article, you’ll find a compliance checklist that’ll help you cover all your bases and are HIPAA compliant.
Connect with Us
Interested in our cybersecurity training or services? Complete the form below and we’ll get back with you right away. We appreciate your interest.
- The State of Ransomware 2020
- National Cybersecurity Awareness Month: 6 Things to Practice During the Month
- Cybersecurity Checklist for Business Closures, Consolidations, and Acquisitions
- What Is DevSecOps?
- Cybersecurity and a Remote Workforce: What Does the Future Look Like?
- 6 Penetration Testing Trends to Have on Your Cybersecurity Radar
- Incorporating Privacy and Security by Design into MedTech
- What is the Difference Between CMMC, DFARS, and NIST 800-171?
- At Risk: Medical Device Cybersecurity Vulnerabilities Expose Patients to Life-threatening Consequences
- 5 Reasons to Hire a Fractional CISO
- Why Private Cybersecurity Training Matters for Your Organization
- Is the CEH Certification Right For You?
- Internal Penetration Test vs Vulnerability Assessment: Which is Right for You?
- Best Beginner Cybersecurity Certification to Get
- Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing