Analysis: The Cybersecurity Risks Major Corporations Face

Data Breach Today

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face.

Analysis: Facebook Breach's Impact

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the latest developments in Facebook's massive data breach and expert analysis of the potential for nation-state interference in the U.S. midterm elections

The Ride-Along: Intelligence Analysis for Real Time Crime Centers

Data Breach Today

Learn about technologies and methods to more effectively and efficiently combat crime using intelligence analysis. Learn about technologies and methods to more effectively and efficiently combat crime using intelligence analysis

Analysis: Apple's New Single Sign-On Feature

Data Breach Today

The latest edition of the ISMG Security Report describes Apple's newly announced single sign-on function that's built with privacy in mind. Plus, a discussion of the "other" insider threat and an Infosecurity Europe conference recap

Analysis: Dark Web Arrests Also Led to Ransomware Disruption

Data Breach Today

and other law enforcement agencies appear to have led to the closure of the "Dream Market" dark web site, which, in turn, disrupted certain ransomware attacks, according to an analysis by incident response firm Coveware

Malicious PDF Analysis

Security Affairs

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” SecurityAffairs – PDF analysis, hacking). The post Malicious PDF Analysis appeared first on Security Affairs.

Analysis: The Evolving Ransomware Threat

Data Breach Today

The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law

2018 Health Data Breach Tally: An Analysis

Data Breach Today

Hacking Incidents Still Dominate, But Fewer Huge Incidents Than in Years Past Major health data breaches added to the official federal tally in 2018 impacted more than twice as many individuals as the incidents added to the list 2017.

UK Cyberattack Investigations: An Analysis

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of the results of over 1,000 cyberattack investigations in the U.K. Also: an update on the proposed NIST privacy framework and a report on voter registration information for sale on the dark web

Avoiding Critical Security Risk Analysis Mistakes

Data Breach Today

Privacy attorney Adam Greene provides tips for avoiding mistakes when conducting a HIPAA security risk analysis and spells out the essential steps to take

Analysis: Health Data Breach Tally Trends

Data Breach Today

Here's an analysis of the latest statistics and the reasons behind the trends

Analysis: Russian Misinformation Campaign

Data Breach Today

The latest edition of the ISMG Security Report offers an update on how Russian bots and trolls are spreading misinformation on vaccines via social media - and the public health impact of the campaign. Plus: Tips on disaster recovery, internet of things security

White House National Cyber Strategy: An Analysis

Data Breach Today

Security Experts Examine Administration's Document and Rhetoric A national cybersecurity strategy document released by the White House last week - along with comments from a top Trump administration official that the U.S.

Analysis: Anthem Data Breach Settlement

Data Breach Today

Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why

Analysis: Verizon's Breach Report 2018

Data Breach Today

Verizon's latest Data Breach Investigations Report shows that half of data breaches in 2017 worldwide were orchestrated by organized cybercriminal groups, says Verizon's Ashish Thapar, who offers an in-depth analysis of the findings

ISO 27001: Gap analysis vs. risk assessment

IT Governance

What is a gap analysis? An ISO 27001 gap analysis gives organisations an overview of what they need to do to meet the Standard’s requirements. Download now >> The post ISO 27001: Gap analysis vs. risk assessment appeared first on IT Governance Blog.

Malware Analysis for Blue Teams

Data Breach Today

At a time when security professionals are faced not only with a barrage of threats, but with a myriad of threat intelligence data sources, it can be challenging to know when to stop an investigation. Join DomainTools Senior Security Engineer Tarik Saleh to learn essential methodologies from a blue team perspective

Ten steps to a GDPR gap analysis

IT Governance

Most GDPR (General Data Protection Regulation) compliance projects start with a gap analysis. A gap analysis is a popular method of assessing compliance against the requirements of the Regulation. What does a gap analysis involve? Can I use a free GDPR gap analysis tool?

Risk Analysis Requirement Survives 'Meaningful Use' Revamp

Data Breach Today

But current program requirements for conducting a security risk analysis would stick CMS Proposes Major Overhaul of EHR Incentive Program, Emphasizing Interoperability Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program.

Excellent Analysis of the Boeing 737 MAX Software Problems

Schneier on Security

This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker.

Government Spending on Cybersecurity: An Analysis

Data Breach Today

Around the world, many CIOs at various levels of governments expect an increase in cybersecurity spending in 2019, according to new research from Gartner. Alia Mendonsa, co-author of the report, analyzes the results of a global survey

Using Machine Data Analysis to Detect Fraud

Data Breach Today

Jade Catalano of Splunk Discusses Early Detection Methods Connecting the dots between disparate forms of machine data can prove to be valuable in discovering fraud patterns, says Jade Catalano of Splunk, who explains how

FRMC Digitization Cost Benefit Analysis Tools

National Archives Records Express

It is not a complete analysis of every current contract holder’s rates, but is a starting point to understand what price ranges you may expect to see. A cost-benefit analysis can provide practical support for the business decision of when or when not to digitize. The following is a guest post by Tammy Hudson, DHS Records Officer on behalf of the Federal Records Management Council.

Analysis: Data Breach Litigation Trends

Data Breach Today

Lawsuits filed in the wake of data breaches are evolving, says attorney John Yanchunis, who represents plaintiffs in many of these class action cases

The importance of knowing ‘where’ in digital forensic analysis

OpenText Information Management

This issue is often exacerbated by a … The post The importance of knowing ‘where’ in digital forensic analysis appeared first on OpenText Blogs. Professional Services Digital Forensic Analysis EnCase EnCase Training OpenText EnCase OpenText Security Security Solutions

“Collection #1” Data Breach Analysis – Part 1

Security Affairs

Today I’d like to write a quick partial analysis that I’ve been able to extract from those records (I grabbed data from public available pasties website). PARTIAL Analysis of Collection #1. Collection #1 PARTIAL Analysis on used passwords. PARTIAL Analysis on most leaked domain.

Medicaid Data Breach Trends: An Analysis

Data Breach Today

One Big Hacker Incident Responsible for Most Victims Impacted in 2016 Medicaid agencies and their contractors reported more than 1,200 data breaches in 2016, but just one hacking incident accounted for more than 70 percent of all victims, according to a new report. What else does the report reveal

The Battle of Winterfell: A Tactical Analysis

WIRED Threat Level

If you're going up against an army of the undead, maybe plan a little better. Security Security / Security Advice

CIA sextortion campaign, analysis of a well-organized scam

Security Affairs

The post CIA sextortion campaign, analysis of a well-organized scam appeared first on Security Affairs. Crooks are posing as CIA agents in a sextortion campaign, they are sending emails to inform the victims of an investigation into online pedophilia rings.

Analysis: California's Groundbreaking Privacy Law

Data Breach Today

The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach

“Collection #1” Data Breach Analysis – Part 2

Security Affairs

The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data.

Analysis: Updates to STIX, TAXII Standards

Data Breach Today

Allan Thomson of LookingGlass Describes Enhancements The STIX and TAXII standards for threat intel interchange have undergone a major upgrade to v2.0. LookingGlass CTO Allan Thomson, who's been closely involved in its development, describes the role of these enhanced standards

Analysis: Did Anthem's Security 'Certification' Have Value?

Data Breach Today

Insurer Was Certified as HITRUST CSF Compliant Before Its Mega-Breach Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach. Now that the insurer has agreed to a $16 million HIPAA settlement with federal regulators, who spelled out the company's security shortcomings, it's worth scrutinizing the value of adopting a framework

Analysis: Security Elements of 'Trusted Exchange Framework'

Data Breach Today

Some Proposals More Specific Than What's Required Under HIPAA Federal regulators have released a draft of a trusted health information exchange framework with some detailed security components that go beyond HIPAA requirements.

5 key benefits of an ISO 27001 gap analysis

IT Governance

One way to simplify the process is to conduct an ISO 27001 gap analysis , a process in which your current state of compliance is measured against the Standard. Below we have outlined exactly how an ISO 27001 gap analysis can benefit your organisation.

Analysis: NY Attorney General's Anti-Breach Actions

Data Breach Today

Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case

The Legal Case for a Coherent Risk Analysis Program

Data Breach Today

Attorney Shawn Tuma on Improving Cybersecurity and Regulatory Compliance A coherent risk analysis program tailored to the organization is a vital component of any effort to improve cybersecurity and meet regulatory requirements, says attorney Shawn Tuma

Feelings, trends and value: Three key elements of sentiment analysis

OpenText Information Management

With web and social media crawlers – tools … The post Feelings, trends and value: Three key elements of sentiment analysis appeared first on OpenText Blogs. Analytics Professional Services AI consumer sentiment content analytics customer reviews machine learning magellan Magellan Text Mining natural language processing NLP OpenText Magellan sentiment analysis subjective text mining tonalityDo you want to know what your customers think about your product?

What exactly is an ISO 27001 gap analysis, anyway?

IT Governance

One solution is to conduct an ISO 27001 gap analysis – a process many organisations consider an important starting point when putting a prioritised plan in place. But what is an ISO 27001 gap analysis, and what does it entail? The breadth of applicability of? ISO 27001 ?can

Analysis: Opioid Legislation Stripped of Privacy Provision

Data Breach Today

Although the passage by Congress of the Support for Patients and Communities Act this week is an important step in the nation's battle against the opioid drug addiction crisis, it lacks a critical privacy provision, says Geisinger Health CIO John Kravitz, who analyzes the implications