Last month a new omnibus HIPAA privacy and security rule was released that increased the number of items to be audited as well as the potential penalties if compliance is not adhered to. You can read the new rules here – http://www.hhs.gov/news/press/2013pres/01/20130117b.html What is interesting to note is while the requirements or things to audit for… Read more »

So like many, it is that time of year to look back on the year’s events and reflect on things, while looking forward to the coming new year. What is interesting in our industry is the fact this is the time of year that everyone does their “Top 5,10,15, 20” events/gadgets/moments blogs/news articles about security… Read more »

So I was approached by several friends in the managed services and security operations services fields, last year, with questions about discovering an attacker that is already inside a corporate network. Specifically, both had recently had clients go through internal penetration tests and only had limited success in identifying the hacking attempts. After talking with… Read more »

For those of you that know me, or have heard me speak before at an event, you know then how I like to tell stories to relay messages. One of the stories that I often tell is one about a client that I like to call my Model Client. The story dates back a good ten… Read more »

So in Part 1, we covered solutions for preventing hacking attempts, as they are considered one of the top two reasons for successful security breaches.  In this article, we will cover some common sense approaches to preventing and identifying malware breaches.  The Problem: So one of the questions we pose to our audience in our… Read more »

So besides being well received at the two conferences we attended last week, we have already gotten several emails inquiring about our talk “Security that Works, Even on a Budget.” Namely, what the heck are we talking about? So, to kick things off on our blog with a few more official entries, we’ve decided to… Read more »