Study: Hospitals dramatically increase ad spend following data breaches


Determining the actual cost of a data breach is difficult and often leads to heated discussions in security circles. How do you determine how many customers who left (following a breach) wouldn’t have left anyway? Perhaps they already were upset with the organization for some other reason. How do you know if a sales decline […]

The case for security breach communications in healthcare


My research and writing embeds me in a world of frighteningly smart healthcare security professionals. At a recent HIMSS cybersecurity conference, I sat horrified to learn how complicated the challenges of protecting healthcare records really are. I also learned that even the most complex security firewalls like Blockchain are still untested over long periods of […]

The three realities of ICT security all senior executives must accept

My colleagues and I are often asked by senior executives how they can make sure their organisation’s data is secure from loss. Security professionals know better than to ask, but they sometimes place false trust in tools that promise greater visibility or better defences. They also often ask us how they can make better sense […]

Stay safe: Massive database of stolen passwords surfaces

Every few months, it seems, a big trove of usernames and passwords surfaces somewhere. This week it was uncovered by Bob Diachenko of Kromtech Security Research Center. He wrote about a massive trove of emails and passwords appearing online. As Diachenko explains, the database of 560 million emails and passwords may have been curated from other exposures, […]

GameStop, Scottrade suffer data breaches

A duo of recent data breaches — one hitting a stock trading brokerage and another a videogame retailer — shows that more gains are needed to protect customer data, even with all of the progress made over the last 10 years. According to a story by colleague Steve Ragan, Scottrade Bank (a subsidiary of Scottrade Financial Services Inc.) […]

Theft of employee iPhone results in $650,000 HIPAA fine

Most of us have lost a smartphone or tablet, but most of us aren’t carrying around patient information. And if you are going to carry PHI (protected health information) you’d better make certain that you adequately protect that data. That’s the lesson to come out of the settlement last week between the Catholic Health Care […]

About that Twitter password ‘breach’

Retail data regulation CSC Blogs

Twitter recently put millions of users on notice to reset their passwords after the company learned that passwords were, somehow, available on the Dark Web. But Twitter contends — and it’s very plausible — that these passwords were not pilfered from Twitter’s servers. According to this Twitter blog post, the “purported Twitter @names and passwords may have […]

Third-party data security failures put everyone’s data at risk

Third party security CSC Blogs

A data breach reported in early April is the latest in a string of breaches involving trusted third parties or partners. As Steve Ragan at CSOonline wrote in his post, Latest tax-related data breach could affect employees and their children, this breach affected Whiting-Turner, a Baltimore, Maryland-based construction company that services both the private and public sectors. […]

While majority of orgs fear big breach, they’re not prepared to respond

This is no shock to anyone who has been paying attention to data security: Nearly every organization, no matter its size or location or industry are at significant risk of a data breach. How significant? Well, if a survey just published by ID Experts, Mitigating the Inevitable: How Organizations Manage Data Breach Exposures is any […]

What is the key to lowering the high cost of a data breach?

Cybersecurity breaches CSC Blogs

It’s not really a shocker, but a survey published today by SANS found organizations that plan and prepare for data breaches can greatly reduce the costs of data breaches over time. According to the report, those enterprises with a data breach plan have teams in house at the ready to respond to a data breach. They […]