Information Security

This category contains 614 posts

Weekly Security Headlines: WannaCry Spillover, Mickey Mouse Hacked, DocuSign Phishing and 560 Million Passwords

Not surprisingly, WannaCry remained top of mind last week. We’re sure you’re doing everything you can to patch your environment and prevent similar ransomware attacks in the future. Here are some WannaCry headlines (and other security news) that caught our eye last week.   WannaCry Rolls On According to the Dark Reading article WannaCry’s ‘Kill … Continue reading

A Management System for the Cloud – Why Your Organization Should Consider ISO 27018

Cloud computing technologies have revolutionized the way organizations manage and store their information.  Where companies used to house and maintain their own data, a host of organizations have now made the switch to a cloud-based model due to the ease of use and cost-saving benefits promised by the cloud. But what is a cloud without … Continue reading

Ransomware: Why Are Organizations Still So Vulnerable?

Ransomware attacks are not new. In fact, ISACA has been sounding the alarm on the increasing spate of ransomware for quite a while. Unfortunately, it takes a massive-scale cyber attack like the recent WannaCry incident for such cyber crimes to gain national and international notoriety. In fact, another recent ransomware attack that caught the public’s … Continue reading

How to Stop and Remediate WannaCry

The effects of WannaCry, the ransomware dominating international headlines, continue to be felt by organizations and individuals alike. If you or anyone you know has had a device infected, (ISC)² has advice for stopping and remediating the attack. View the video below to see how you can respond to WannaCry: [(ISC)² Blog]

Weekly Security Headlines: WannaCry, NSA, Pen Testing and more…

Kazuar, Windows Defender and Worst-Case Scenarios The WannaCry Ransomware attack continues to dominate the news cycle, and we’re sure you’re closely watching developments and taking appropriate US-CERT precautions. But from Microsoft issuing an emergency patch for Windows Defender to the NSA director sharing his cyber fears to Gizmodo phishing for Trump administration officials, last week … Continue reading

How Can We Get More Young People Excited About IT?

There are a lot of exciting things happening in the IT field, which means there’s a tremendous amount of growth occurring in a lot of businesses. With that growth comes the need to hire cost-effective talent. This begs the question: How can we get more young people excited about launching careers in IT? Why IT? … Continue reading

WannaCry: Is this a Watershed Cyber Security Moment?

As I watched the news, I was struck by the inaccuracy of much of the initial coverage of the massive wave of ransomware attacks that surfaced on 12 May. Even my partner thought that the National Health Service (NHS) computers, as well as other targets around the world, were being intentionally targeted by a coordinated … Continue reading

Ransomware: Healthcare Organizations Cannot Afford to Be Unprepared

I had just typed the last word of a new ISACA publication on governance of enterprise information technology for healthcare environments when today’s news on the National Health Service (NHS) ransomware attack broke. As we now know (as of the time of this writing): •  At least 16 UK National Health Service (NHS) trusts are … Continue reading

The Vendors of My Vendor’s Vendor … What? … Wait? … I’m Confused?!

It is no secret that vendor management is one of the top security challenges we face today. But what compounds the challenge is not knowing the relationships beyond our direct vendors. What are the vendors of my vendor doing? I don’t know what I don’t know The scenario: A recent project was initiated by the … Continue reading

Data Loss Threatens M&A Deals

One of the most popular breakout sessions at Evolution17 featured a great merger and acquisition (M&A) scenario: Midway through the deal, critical information leaks, devastating the value of the deal. How can you figure out how much info leaked—by whom and to whom? Here’s why that storyline was so riveting: 2016 saw more than $3.5 … Continue reading



@PhilipHungCao, GICSP, CISM, CCSP, CCSK, CASP, CIW-WSP, PCNSE7, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.
