This category contains 1279 posts

Ransomware: Why Are Organizations Still So Vulnerable?

Ransomware attacks are not new. In fact, ISACA has been sounding the alarm on the increasing spate of ransomware for quite a while. Unfortunately, it takes a massive-scale cyber attack like the recent WannaCry incident for such cyber crimes to gain national and international notoriety. In fact, another recent ransomware attack that caught the public’s … Continue reading

Why Directors Feel Inadequate in Terms of Cybersecurity and What They Can Do About It

Executive Summary: The National Association of Corporate Directors says that directors do not feel adequate in terms of mitigating cybersecurity issues. The problem is that we have led ourselves to believe that cybersecurity risk is somehow different from all the other risks that directors deal with daily. This is incorrect. The same risk strategies apply: … Continue reading

How to Stop and Remediate WannaCry

The effects of WannaCry, the ransomware dominating international headlines, continue to be felt by organizations and individuals alike. If you or anyone you know has had a device infected, (ISC)² has advice for stopping and remediating the attack. View the video below to see how you can respond to WannaCry: [(ISC)² Blog]

Weekly Security Headlines: WannaCry, NSA, Pen Testing and more…

Kazuar, Windows Defender and Worst-Case Scenarios: The WannaCry Ransomware attack continues to dominate the news cycle, and we’re sure you’re closely watching developments and taking appropriate US-CERT precautions. But from Microsoft issuing an emergency patch for Windows Defender to the NSA director sharing his cyber fears to Gizmodo phishing for Trump administration officials, last week … Continue reading

How Can We Get More Young People Excited About IT?

There are a lot of exciting things happening in the IT field, which means there’s a tremendous amount of growth occurring in a lot of businesses. With that growth comes the need to hire cost-effective talent. This begs the question: How can we get more young people excited about launching careers in IT? Why IT? … Continue reading

Threat Brief: WanaCrypt0r – What We Know

Situation Summary: This Unit 42 blog provides an update on the threat situation surrounding the WanaCrypt0r ransomware attacks and how the attack propagates. Initial reports said that the WanaCrypt0r attack began as part of a spam/phishing campaign. Unit 42 and other researchers have concluded that these reports are not substantiated. While the initial attack vector … Continue reading

How Japan Is Aiming to Close the Cybersecurity Skills Gap Before Tokyo 2020

With only three years left before the Tokyo Summer Olympic Games in 2020, Japan is facing a shortfall of cybersecurity manpower. According to the Ministry of Economy, Trade and Industry (METI), the current shortfall of IT professionals to available opportunities is 132,060, which will further increase to 193,010 in 2020. About half of end-user companies believe … Continue reading

WannaCry: Is this a Watershed Cyber Security Moment?

As I watched the news, I was struck by the inaccuracy of much of the initial coverage of the massive wave of ransomware attacks that surfaced on 12 May. Even my partner thought that the National Health Service (NHS) computers, as well as other targets around the world, were being intentionally targeted by a coordinated … Continue reading

Ransomware: Healthcare Organizations Cannot Afford to Be Unprepared

I had just typed the last word of a new ISACA publication on governance of enterprise information technology for healthcare environments when today’s news on the National Health Service (NHS) ransomware attack broke. As we now know (as of the time of this writing): •  At least 16 UK National Health Service (NHS) trusts are … Continue reading

The Vendors of My Vendor’s Vendor … What? … Wait? … I’m Confused?!

It is no secret that vendor management is one of the top security challenges we face today. But what compounds the challenge is not knowing the relationships beyond our direct vendors. What are the vendors of my vendor doing? I don’t know what I don’t know The scenario: A recent project was initiated by the … Continue reading

@PhilipHungCao, GICSP, CISM, CCSP, CCSK, CASP, CIW-WSP, PCNSE7, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.
