Legal Process Outsourcing or LPO (that implies assigning the work to third-party companies) has emerged as the new trend in the industry across the globe today. This is so because not only is outsourcing synonymous with reduced costs, but also provides instant resource access that is amply ... Views: 1274
Cryptocurrency mining is a process that allows computer users to ride the wave of the decentralized digital assets boom. It’s a benign concept in itself; moreover, the whole blockchain-sustained economy wouldn’t work without it, as it requires an immense aggregate processing capacity contributed ... Views: 1317
Most of the breaches are due to human error. We need to prevent that from happening. Cyber criminals are getting smarter, after all.
Unfortunately, the majority of the cybersecurity breaches are because of human error. What’s worse is that there is only 38% of companies and organisations ... Views: 1364
Cyberattacks on the U.S. government’s vast network of contractors and subcontractors pose a serious threat to national security, and the DoD is taking action. The agency tasked NIST with developing a set of guidelines addressing advanced persistent threats against contractors who handle ... Views: 1406
U.S. defense contractors are being heavily targeted by foreign cybercriminals. An internal Navy cyber security audit ordered after a series of successful breaches of Navy contractors revealed an agency in complete cyber chaos “in ways few appreciate, fewer understand, and even fewer know what to ... Views: 1285
IT compliance and cyber security are often used interchangeably, even within the cyber security and compliance fields. This is the basis for the completely incorrect and dangerous notion that achieving compliance automatically equals being secure.
While there is some overlap, and the two ... Views: 1228
The internet has changed many things, especially the way we do our shopping. Whereas we had to physically go down to the shops before the internet became widely used, now we can just sit at home with our laptop and credit card and have everything we buy delivered to our door.
However, online ... Views: 1250
Applying software updates and patches as soon as possible is a cyber security best practice, but what if an update contains malicious code inserted by a hacker? Software supply chain attacks are a serious and growing problem for both private-sector organizations and the federal government. Among ... Views: 1181
Forex deals primarily with the trading of currencies, in other words, currency trading is offered at a sustained price in the market. It involves investing in foreign currency and making a profit by selling it at a higher price. In other words, you are expanding the one you hold, just buying ... Views: 1323
You would never pay $1,000 upfront and $30/month for a security system to protect a shed containing $100 worth of lawn equipment. However, you wouldn’t hesitate to spend that much or more to protect your home and family. The same concept applies in information security. Different kinds of data ... Views: 1108
If your organization processes, stores, or transmits cardholder data for the major credit card brands, you are required to be compliant with PCI DSS. While PCI DSS is not required by U.S. federal law — it is an industry standard mandated by the credit card companies — some states have laws ... Views: 1147
Outsourcing IT services to service organizations has become a normal part of doing business, even for small companies. However, there are risks to using service providers, and these continue to evolve and change. In this dynamic environment, the American Institute of Certified Public Accountants ... Views: 1101
The Federal Risk and Authorization Management Program (FedRAMP) was designed to support the federal government’s “cloud-first” initiative by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All cloud service ... Views: 1120
A FedRAMP SSP (System Security Plan) is the bedrock of a FedRAMP assessment and the primary document of the security package in which a cloud service provider (CSP) details their system architecture, data flows and authorization boundaries, and all security controls and their ... Views: 1172
Following a record year for HIPAA settlements that saw the U.S. Department of Health and Human Services (HHS) collect $28.7 million in HIPAA fines, HHS has reduced the maximum annual HIPAA fine in three out of the four penalty tiers. However, HHS’ move doesn’t mean that healthcare organizations ... Views: 1137
According to an official email sent to users, hackers gained access to Docker Hub, the official repository for Docker container images, “for a brief period.” However, during that “brief period,” approximately 190,000 user accounts were compromised, containing data such as usernames, hashed ... Views: 1148
As individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are also becoming ... Views: 1259
A newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera has discovered. Because the malware would not alter the protected health information (PHI) contained ... Views: 1189
Last year, the Wi-Fi Alliance announced the launch of the WPA3 WiFi security standard, which was developed to eliminate a number of security problems with WPA2. One of the major defense measures in WPA3 is the Simultaneous Authentication of Equals (SAE) handshake, which replaced the Pre-Shared ... Views: 1110
What appears to have been a targeted ransomware attack knocked over 200 networked computers and servers offline at Arizona Beverages, one of the largest beverage suppliers in the U.S., TechCrunch reports. The attack, which the company was still struggling to recover from two weeks later, halted ... Views: 1163
Last year, the FBI reported that incidents of business email compromise (BEC), also known as spear phishing, CEO fraud, and invoice fraud, had been reported in all 50 states and 150 countries, with global losses exceeding $12 billion. BEC scams are continuing to explode in popularity among cyber ... Views: 1125
Lightweight cloud containers are fast replacing resource-sucking virtual machines, and Kubernetes is fast becoming the de facto standard for container orchestration. Kubernetes adoption doubled in 2018. Unfortunately, as with any popular technology, it was only a matter of time before hackers ... Views: 1101
There was a time when things were simple. We would work at our workplaces and were personally paid in hard cash, and the same was true for business transactions. But with the passage of time, everything has undergone a great deal of sophistication and so has the mode of payments. Besides, worsening ... Views: 1066
6 Important Small Business Cyber Security Tips
Chances are, you think twice before entering your credit card information online to buy something, watch out for malicious links in emails and keep your PC updated against viruses, spyware and hackers.
However, how much thought do you put ... Views: 1232
Everyone already knew that Navy cybersecurity had big problems. Last fall, a Wall Street Journal report on Navy cybersecurity revealed that Chinese nation-state hackers had successfully breached a number of third-party Navy contractors over an 18-month period, stealing highly classified ... Views: 1118
Email breaches can be just as destructive to organizations as customer data breaches; just ask Sony Pictures and the Democratic National Committee. A breach of a federal government agency’s email system may not just be embarrassing or scandalous to the agency; it could put national security at ... Views: 1080
Nearly everyone knows that reusing passwords across multiple sites and systems is a security risk, but most people continue to do it anyway. As a result, credential stuffing attacks abound, especially among retailers. Dunkin’ Donuts has been victimized twice in the past three months by hackers ... Views: 1118
For many organizations, particularly those in highly regulated industries such as healthcare, hybrid cloud environments offer the best of both worlds. Companies get to enjoy the easy scalability and other benefits of AWS, Microsoft Azure, or Google Cloud while isolating their critical workloads ... Views: 1123
In this episode of Trial Lawyer Nation, Michael Cowen sits down with Cowen | Rodriguez | Peacock partner, Malorie Peacock, for another installment of TLN Table Talk to answer the questions of our listeners. Today’s topic focuses on storytelling in trial and identifying the “characters” in your ... Views: 1063
Does Your Business Need a Website Maintenance Plan?
What Can Happen if You Neglect Your Newly-Built Site
So, your new site is complete – congratulations! There are a lot of moving parts to a build, from coding to design to content.
However, if you want to attract and retain customers, ... Views: 1140
Preventing a scenario in which hazardous materials put at risk people, animals, vegetation and environment, should always be a number one priority. Even if we are talking about chemicals or materials that are just sitting there for ages in some dark corner, without causing any real damage, they ... Views: 1198
Third-party vendor hacks, where hackers attack a company by compromising one of their business associates, have been a problem for a while. Now, the hackers behind GandCrab ransomware have gotten into the act, exploiting a year-old SQL injection vulnerability in a common remote IT support ... Views: 1123
Cost is arguably the biggest impediment to robust, proactive cyber security at small and medium sized businesses (SMBs). SMBs are aware of the need to secure their systems and data, but when presented with a solution, the costs may give them pause. Some of them think that hackers are interested ... Views: 1069
Ransomware isn’t a new threat. It first rose to prominence back in 2016, when Hollywood Presbyterian Medical Center shelled out $17,000 in bitcoin after an attack took the hospital offline. Since then, ransomware has only become more popular, especially for hackers targeting the healthcare ... Views: 970
Yes it’s time to hedge your risk, but don’t wait for that perfect moment. Both the economy and stock market are showing signs of stress. Here's what you need to know.
Here are some of the excuses we hear from professional money managers and risk managers for not having a hedging program ... Views: 845
From blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security — usually for free. However, browser extensions need a wealth of access permissions to operate, ... Views: 1066
As cyber threats present greater risks to enterprises of all sizes and in all industries, more are requiring that their SaaS providers and other cloud services vendors have an SOC 2 certification. Let’s examine what an SOC 2 certification is and why your cloud services business should get ... Views: 917
The financial impact of cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per record and $2.2 million per organization. In 2016, the healthcare industry as a ... Views: 1526
Owning a home comes with a ton of responsibilities, and topping this list is ensuring that it is well protected. After all, it is among your most significant investments. While there are many ways to safeguard your home such as having a dog or joining a neighborhood watch group, a home security ... Views: 865
Noting that cyber security is “the responsibility of every health care professional, from data entry specialists to physicians to board members,” the U.S. Department of Health and Human Services (HHS) has published Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients ... Views: 1043
With an estimated 90% of cyber attacks caused by human error or behavior, it’s important to understand the most common cyber security mistakes your employees are probably making and know how to mitigate them.
Becoming victims of phishing schemes
Stolen login credentials are the most common ... Views: 1003
The Federal Risk and Authorization Management Program, or FedRAMP, was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with vendors that provide SaaS solutions and other cloud services. Unlike FISMA, which requires ... Views: 995
The years-long Marriott Starwood database breach was almost certainly the work of nation-state hackers sponsored by China, likely as part of a larger campaign by Chinese hackers to breach health insurers and government security clearance files, The New York Times reports. Why would foreign spies ... Views: 1049
The Marriott Starwood breach, which exposed the personal data of 500 million guests, was not the largest data breach in terms of size; Yahoo still holds that dubious honor. However, because of the nature of the data stolen, it has the potential for a very long reach and highlights multiple cyber ... Views: 1032
Like other criminals, hackers take advantage of people’s misconceptions regarding their risk of being victimized. Here are six common cyber security myths that could be putting your enterprise at risk.
Security Myth #1: Compliance Equals Cyber Security
Compliance with regulatory and ... Views: 1085
A guide to advanced persistent threats (APTs), a highly sophisticated, highly destructive form of cyber attack.
What is an Advanced Persistent Threat (APT)?
“Advanced persistent threat” is a broad term used to describe a cyber attack where hackers covertly gain access to a system and ... Views: 1005
As California goes, so does the rest of the country. While the California Consumer Privacy Act (CCPA), which was passed this summer and goes into effect in 2020, falls short of being an “American GDPR,” it clearly tore many pages from the far-reaching European data privacy law. Similar to the ... Views: 1026
The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one concern of executives in Europe and other advanced economies.
As we approach the winter holidays and the end of the year, let’s ... Views: 1398
While digital currencies, particularly bitcoin, are the most common and well-known application of blockchain technology, they are far from being the sole or even the most important use. Blockchain is one of the most important technological advancements of the digital age, and its full potential ... Views: 1335
Des Moines-based Voya Financial Advisors (VFA) has agreed to pay the U.S. Securities and Exchange Commission a $1 million penalty in the wake of an April 2016 breach that affected several thousand VFA customers. The SEC cyber enforcement action charged VFA with not having sufficient written ... Views: 955