Threat intelligence, we keep hearing about it from security vendors, but what is it really? Is it hype or marketing speak that will be promoted by those without a real grasp of what it means, or is it the real deal? One problem in defining threat intelligence is that one person’s threat intelligence is not […]
Personal Information Protection & Electronic Documents Act (PIPEDA) Changes
On March 26, 2018, the Government of Canada quietly announced that, on November 1, 2018, important changes to the Personal Information Protection and Electronic Documents Act (PIPEDA) will come into force. This has not been met with the fanfare of the EU’s GDPR (General Data Privacy Regulation) but is of significant note for those businesses in […]
Are you wasting money on this common cybersecurity investment?
A wasted investment is the last thing any organization needs, yet the cost of a cybersecurity solution doesn’t necessarily equate to value. Consider Security Information and Event Management (SIEM) tools, for example. Dark Reading points out that the tool itself is not the key factor in its effectiveness – it must be properly configured […]
Could you have the same vulnerability that led to the Equifax breach?
Regardless of the size of your organization, it’s very likely that you could. Vulnerabilities including the bug reportedly responsible for Equifax’s data breach are still common elements of open-source systems used by developers for creation of business applications and web portals. While this saves time and money on the development side, unless they perform regular […]
Canada has a new cybersecurity strategy – does it impact you?
Do you do business with companies in Canada? A recent government survey showed that although 94% of Canadian businesses collect personal data from their customers, they still have a long way to go in protecting it, with three quarters of the business executives and owners having never reviewed their responsibilities and one third not […]
How do you end up with a $4.3M HIPAA fine?
A judge ruled in favor of the Office of Civil Rights and upheld a fine of $4,348,000 against MD Anderson, a cancer treatment and research center in Texas. This was the 4th largest fine in history for HIPAA violations. What led to this judgement, and what can we learn from it? Lesson #1 – Repeat […]
State of Cybersecurity 2018
Did you know? The General Data Protection Regulation (GDPR) will take effect May 25, 2018. This will affect global organizations that hold or process personal data of any European Union resident. The definition of “personal data” is much broader than in current US compliance regulations, and penalties for non-compliance are 20 million Euros or […]
The Aftermath of 2017 Data Breaches
We hear a lot about the latest data breach, but we don’t always hear so much about the aftermath. Let’s look at some examples from 2017 to drive home the impact that a cyber incident can have on an organization. Uber was a classic study in what not to do in response to a breach. […]