Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Learn how to better protect your organization from attacks by looking at how attackers compromised a Microsoft signing key. Secure your keys and actively monitor code and logs.

There is a welter of websites that are not indexed by search engines on the dark web, making it an ideal space to exchange all kinds of illegal content or products. This dark part of the web actually represents just 0.1% of the deep web. So how come something so small can be so dangerous for organizations and users?

The role of the CISO is expanding alongside the growing adoption of digital technologies, which has resulted in a faster and more interconnected workforce. The dynamic and evolving nature of cyber threats is posing challenges for security teams in terms of visibility and expertise required to defend against them.

Each week we look at the data losses, hacker attacks, and the state of security in the United States and around the world. This week things seem to be particularly bleak. We always expect to see some breaches in major companies, but this week we learned about widespread employee credential losses in countless corporations throughout the United States and the world.

Fairfax Oral and Maxillofacial Surgery, or Fairfax OMS, is a dental practice that first opened in Burke, Virginia, in 1980. The organization offers a mix of dental surgery services, such as bone grafting, wisdom tooth extraction, dental implants, and more. The organization accepts patients in Washington, D.C., Maryland, and six separate locations throughout Virginia. There are more than 87 employees in the organization, and it generates about $16 million in annual revenue.

Identity theft is a crime that is unfortunately common and is devastating for the victim. Serious cases can require enormous amounts of time and money to recover. The three primary categories of identity theft include online identity theft, financial identity theft and medical identity theft.

Australia is using the Security of Critical Infrastructure Act 2018 (SOCI Act 2018) as a framework to help the country mitigate and remediate threats to the country’s critical infrastructure. This comes after several high-profile cyber attacks raised Australia’s awareness of the need for cybersecurity and the standardization of cyber security measures for priority organizations.

You don’t need a professional to be PCI-compliant, but professional expertise can make navigating the notoriously complex PCI DSS requirements easier. An experienced cybersecurity firm with qualified assessment staff can speed up compliance, enhance a firm’s security posture according to priority actions, and help the firm achieve a high level of security and peace of mind. However, you must use a professional for your business to be PCI-certified.

The Massachusetts Data Security Law (201 CMR 17.00) safeguards the personal information of Massachusetts residents. The law went into effect on March 1, 2010, and at the time, was one of the most comprehensive data privacy laws passed in the United States. Since the law’s passing, a variety of U.S. States have passed more robust data privacy legislation, including the notable California Consumer Privacy Act (CCPA) and Virginia Consumer Data Privacy Act (VCDPA).