1. December #SecChat Recap – The Security Impact of Shadow IT

    The numbers don't lie—employees are increasingly circumventing IT, using unapproved Software-as-a-Service applications (SaaS) in their daily tasks. This dangerous habit, practiced by more than 80% of employees (known as Shadow IT), might seem harmless to some, but can, in fact, put sensitive corporate data at risk. Last week, Graham Clarke, the Senior Director of Network Security Product Managem…Read More

  2. Encrypted PIN Data Stolen in Target Breach

    Target confirmed this morning that encrypted PIN data was stolen in the Black Friday data breach that exposed 40 million accounts to fraud. Spokesperson Molly Snyder said the ongoing forensics investigation confirmed that PIN data was accessed as well, contrary to previous claims made by the retail giant. “We remain confident that PIN numbers are safe and secure,” Snyder said in a statement. …Read More

  3. Time To Float Your Business Up Into The Cloud?

      One of the biggest buzzwords being used right now is “the cloud.”  So, what is the cloud? There are many different definitions you can find, but for the small business owner it means essentially outsourcing your IT infrastructure (possibly including applications, servers, data storage, etc) remotely.  Why would you move to the cloud?  The most commonly cited reasons are focused upon the …Read More


    “They are aggressive at collecting sensitive data, embedding functionalities and capabilities to perform dangerous operations such as downloading and running new code on demand, and they are also plagued with various classes of vulnerabilities that enable attackers to turn their aggressive behaviors against users,” researchers, Yulong Zhang, Hui Xue, Tao Wei and Dawn Song wrote today on the co…Read More

  5. Penetration Testing vs. Vulnerability Assessment

    In the past few days, months and indeed years many people have approached me and asked me a very simple question… But bare in mind that this simple question was and indeed it is a still a big dilemma between many professionals in IT security, cyber security, management, decision-makers, policy, etc.  Thereby, the question is: What is the difference between Penetration testing and Vulnerability …Read More

  6. HCISPP℠ – HealthCare Information Security and Privacy Practitioner

      As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected – including growing volumes of electronic health records, new government regulations, and a more complex IT security landscape-here is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive informati…Read More