IT Security Best Practices

“Data protection training”  – this phrase will not conjure up a great deal of excitement among the staff of any company. That said, public awareness of data violations and the interests individuals have in protecting … Read more

The shift towards remote work, accelerated by the COVID-19 pandemic, has introduced various data protection challenges. Although some companies, such as Boeing and UPS have made high-profile calls for workers to come back to the … Read more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised concerns for F5 BIG-IP users, warning that malicious actors are exploiting unencrypted cookies to gain information into internal network servers, potentially leading to targeted attacks … Read more

National Cybersecurity Awareness Month is a month-long event held in October aimed at promoting cybersecurity and sharing best practices to help individuals and organizations protect themselves online. The theme in 2024 is “Secure Our World.” … Read more

As a cybersecurity professional, you’re asked the same question every time you meet with your executives or Board:  “What’s the worst that can happen, and how prepared are we?” Deep down, you know you don’t … Read more

In September 2022, Suffolk County, New York, became the victim of a ransomware attack carried out by the AlphV/BlackCat group. This incident crippled government services for months, disrupted emergency operations, and cost the county over … Read more

Cybersecurity is an evolving disciple which faces new threats daily. Despite the best efforts to secure information systems, absolute protection remains an unattainable goal. For any organization, the possibility of a data breach is not … Read more

It is not glamorous, but the simple truth is that perhaps the most important aspect of a Data Protection Officer’s (DPO) mission is to ensure that effective staff training for the safeguarding of sensitive information … Read more

The National Institute of Standards and Technology (NIST) has released the second public draft of its updated Digital Identity Guidelines, aiming to improve the way people verify their identity online. The updated guidance focuses on … Read more

An often overlooked aspect of data security is the potential for sensitive personal information to be concealed in seemingly mundane data. Companies and organizations need to raise employee awareness to ensure comprehensive protection of all … Read more

The Office for Civil Rights (OCR) has issued a reminder to all HIPAA-regulated entities through its latest cybersecurity newsletter. Facility Access Controls are not a formality, they are a necessary aspect in securing electronic protected … Read more

Understanding HIPAA Training Requirements The Health Insurance Portability and Accountability Act (HIPAA) training requirements ensure that healthcare organizations and their business associates comply with the regulations designed to protect the privacy and security of Protected … Read more

There are thousands of HIPAA violation email examples in the public domain, and likely many more thousands not made public due to the reporting requirements of HHS’ Office for Civil Rights and State Attorneys General. … Read more

Ransomware attacks are one of the most serious cybersecurity threats facing businesses 2024. This kind of attack involves a malicious actor encrypting a victim’s data and then making a demand for a ransom payment in … Read more

As far back as 2017, it was estimated that the world was producing some 2.5 quintillion bytes of data each day. Fueled by the explosion of internet use and the digitisation of all aspects of … Read more

World Password Day is celebrated on the first Thursday of May. It was founded in 2013 with the objective of increasing awareness of the significance of using complex and unique passwords and implementing password guidelines … Read more

Incident response playbooks establish standardized procedures for dealing with IT security incidents. These procedures detail explicit actions that an organization should undertake in preparation for, response to, and recovery from these specific incident types. In … Read more

In a recent and significant cybersecurity event, Mandiant, a Google-owned cybersecurity firm, fell victim to a sophisticated cyberattack. This breach, part of a larger cryptocurrency phishing operation, not only exposed security vulnerabilities but also led … Read more

As we venture deeper into the Internet of Things (IoT) era, the security of these interconnected systems becomes increasingly vital. In 2024, IoT ecosystems are more complex and widespread, touching virtually every aspect of our … Read more

HHS Publishes Alert Against LokiBot Malware The Health Sector Cybersecurity Coordination Center (hC3) has publicized an Analyst Note regarding LokiBot – one of the most common and persistent malware variants. LokiBot, also known as Loki … Read more

Bitwarden is one of the most popular password managers on the market today and will be a strong contender for anyone wishing to add an additional level of security for their personal/business devices or network. … Read more

Bitwarden is one of the best password managers available, offering robust security and a great set of features for a very reasonable price, with impressive free tiers for individuals and even small businesses. It is … Read more

It can be a difficult and daunting task deciding what password manager your small business should invest in. While, on one hand, you are probably dealing with a restrictive cybersecurity budget, on the other hand, … Read more

When you are completing your market research to identify the ideal password manager for your business, you will no doubt find yourself asking if each product is trustworthy. After all, if you are going to … Read more

Over the past year, with the onset of the COVID-19 pandemic and the increase in remote working by employees, the need to safely and securely work and collaborate from a distance has been crucial for … Read more

One of the most common vulnerabilities exploited by cybercriminals is weak passwords. Hackers use brute force tactics to guess weak passwords, trying various possible passwords until the correct one is guessed. The process is automated … Read more

Large companies use enterprise-level password management solutions to enforce their password policies, improve productivity, and store the passwords of their employees and third-party contractors safely and securely.  There are many different enterprise password management solutions … Read more

Identifying the best password manager for android users can be a daunting task as the vast majority of password management solutions are specifically designed for desktop computer use. The onus is on the individual doing … Read more

It may seem like a great convenience to be able to save all of your most-used passwords in web browsers so that you do not have to continuously enter them every time you use a … Read more