
The State of Ransomware 2020
...
This author hasn't written their bio yet.
Hilary Meyers has contributed 110 entries to our website, so far.
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Penetration testing offers two important benefits — security and regulatory compliance. Rising cybercrime, such as the Equifax breach, has affected millions of Americans who now insist on knowing that companies will keep their data secure. And government regulators are happy to help them do it by penalizing companies that do not comply with federal guidelines.
Last month, the FDA issued a warning about software vulnerabilities on multiple medical devices, including infusion pumps, anesthesia machines, and imaging systems. These vulnerabilities allow threat actors to trigger information leaks, gain access to hospital networks and, most worryingly, remotely control the devices themselves.
Historically, small businesses thought about security in terms of physical property. To protect the items inside the store or office, business owners purchased locks, installed alarm systems, and sometimes hired security guards. Today, however, property crimes are continuing their 25-year decline, meaning the chances of a break-in at your business are about half what they were in 1993. Cybercrimes, however, are the new playground for criminals.
When people talk about medical device security, the conversation often turns to data security and HIPAA. There’s plenty to be said about protecting patient privacy, but patient safety is a greater concern.
More than 65 percent of senior decision-makers at small businesses still believe that they’re unlikely to be targeted by cybercriminals. About 60 percent of those businesses have no defense plan in place and an estimated 14 percent are insufficiently prepared to respond if an attack does occur.
This blog post is a transcript of Alpine Security’s Risk Management Framework (RMF) Overview video, which covers an overview of RMF, as defined by NIST 800-37r2. Each step in the process is discussed at a high level:
Categorize
Select
Implement
Assess
Authorize
Monitor
Interested in our cybersecurity training or services? Complete the form below and we’ll get back with you right away. We appreciate your interest.