Cybersecurity Sense

Most penetration testers are considered “red team,” while most defenders are considered “blue team.” Thus, the irony of a conventional penetration test is that these two groups are typically pitted against each other. When the red teams and blue teams are working together, you have what’s called a “purple team.” While purple-teaming has not always been a thing, it can be a win for both groups. Purple-teaming has now become somewhat of a buzzword. However, the effort behind it has great merit and value. In this podcast, LBMC Information Security’s Bill Dean helps purple-teaming, as well some of the benefits involved with the practice.

The EU’s General Data Protection Regulation (GDPR) permits users certain rights (referred to as “data subject access rights” or “DSARs” in the documentation) that organizations will need to be prepared to accommodate if they must comply with GDPR. For organizations to be prepared to respond, it’s important to have a clear understanding of DSARs before you risk consuming too much time, money, and resources in efforts to remain compliant. In this podcast, LBMC Information Security’s Drew Hendrickson shares some considerations for how to prepare and respond when a customer chooses to request action on one of their new rights under GDPR.

As organizations determine whether the E.U.’s General Data Protection Regulation (GDPR) is applicable to them, there are several important things to consider when it comes to compliance. Among those things involves preparing for and responding to personal data breaches which is not just a requirement of the GDPR; it’s a good business practice in general), data consent, and how you are protecting our data (like data pseudonymisation). With GDPR, personal data is defined a bit differently, which means there’s potentially much more data for organizations to protect. In this podcast, LBMC Information Security’s Drew Hendrickson highlights a list of things to consider when it comes to GDPR compliance.

As the May 25, 2018 GDPR enforcement date fast approaches, many organizations are asking, “How does the GDPR will apply to my organization?” As the GDPR extends to U.S. organizations that offer services to or monitor behaviors of E.U. citizens, it’s important to understand how to classify your organization’s data to determine GDPR applicability. While the GDPR presents new challenges for organizations storing or processing personal data, maintaining compliance with the proper guidance is essential. In this podcast, LBMC Information Security’s Drew Hendrickson explains GDPR, how it can apply to you, and why GDPR compliance matters.

The question is not, “Will your employees will get your company hacked?” but rather “When will your employees get your company hacked?” A recent article from HITECH Answers highlights this sad reality of human-error being the most common reason for a cyber intrusion and data compromise. So, while employee actions can circumvent most every security control you have invested in, security awareness training is critical to prevent your employees from being your number one risk. Users are often the last line in your cyber-defense efforts, and there is no patch for people wanting to be helpful or wanting to do the right thing. In this podcast, LBMC Information Security’s Bill Dean explains why ongoing employee security training is crucial to ensuring employees know how to spot a hacking attempt, ultimately protecting your organization from a potential cyber-attack. Listen, and discover these key takeaways:  Reasons why employees often do not realize how important they are to the process How not enabling multi-fact

In a recent report from Wombat Security Technologies based on data from millions of simulated phishing attacks, it was found that 76% of organizations said they experienced phishing attacks in 2017, and nearly half of information security professionals said that the rate of attacks increased from 2016 to 2017. F-Secure also recently released research data indicating that over one-third of security incidents start with phishing emails or malicious attachments sent to company employees. In this podcast, LBMC Information Security’s Bill Dean digs into these research findings and shares some reasons why training employees to spot phishing emails, messages, and pre-texting calls can’t be done just once or once a year. Listen, and discover these key takeaways: Fascinating new research findings about phishing attacks Reasons for training employees about phishing attacks on an ongoing basis Why it only takes one user to follow the link in a phishing email for your network to be compromised New approaches that may

When cloud-managed security was first introduced, there was some concern about the levels of security as compared to the security of data on an organization’s premises. Today, security professionals have implemented the appropriate controls to help could-based data management be safe and effective. As many organizations are now embracing and migrating to the cloud, it is important to know the risks and proper controls associated with the movement. In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Sese Bennett discuss the effectiveness and concerns surrounding migrating to cloud-managed security measures and what organizations today should know. Listen, and discover these key takeaways: Why you should evaluate your current security frameworks and compare with cloud-managed controls A brief explanation of FedRAMP and FISMA Reasons to consider moving to cloud-managed security The potential risks associated with cloud frameworks if not implemente

No matter the industry—government, healthcare, financial, or even smaller, mom-and-pop businesses—each deal with some type of sensitive customer information, and each has decisions to make when it comes to managing risk. Most security and audit frameworks (HIPAA, ISO, PCI, NIST, SOC 2, etc.) have requirements for risk assessment, making them one of the first things auditors or regulators ask for. Many companies are still using spreadsheets when it comes to performing risk assessments, which can be ineffective and insecure. Such a lack of functionality can keep a company from moving beyond assessment and into true risk management. In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Mark Fulford discuss the importance of risk management, including the effectiveness of risk assessments and how BALLAST can help organizations automate the risk assessment process. Listen, and discover these key takeaways: Understanding what’s important to your organi

In the information security world, we all wish we had more access to senior executives. Following that logic, if you’re responsible for security at your organization, and you are lucky enough to ride on the same elevator with a senior executive from your company, you should be prepared with your “elevator pitch” on what to say about improving the cybersecurity posture of the organization. When asked, you want to have your message fine-tuned and be able to communicate it clearly and succinctly (before the elevator reaches the parking garage).  In this podcast, LBMC Information Security’s Mark Burnette discusses his elevator pitch to President Donald Trump with podcast host Bill Dean. While Mark hasn’t ridden on an elevator with the President, he doesn’t let that stop him from finding a way to articulate what the President should be doing to address cybersecurity issues at the federal level.  Listen, and discover these key takeaways: Reasons cybersecurity initiatives at the federal government level are importa

The AICPA Cybersecurity Working Group brought to life a new type of cybersecurity examination report in 2017 known as SOC (System and Organization Control) for Cybersecurity. These reports are intended to provide a consistent approach for evaluating and reporting on an entity’s cybersecurity risk management program and give management the ability to consistently describe its cybersecurity risk management program. Additionally, the flexibility of the reports allows management to use any recognized security framework as a baseline while enabling a CPA to provide independent assurance on the effectiveness of the program’s design. In this podcast from the Institute of Internal Audit meeting in Knoxville, LBMC Information Security’s Bill Dean and Drew Hendrickson discuss SOC for Cybersecurity reports and what organizations and IT professionals should know about this new report and how it could help their organizations. Listen, and discover these key takeaways: A brief introduction to SOC for Cybersecurity Element

Incident response consultants are often contacted by clients who are in complete shock that their systems or networks have been compromised. Many times, these clients are hoping our analysis will ultimately prove that the incident was just a “flesh wound” to their systems and that they didn’t experience an actual data breach. It’s quite common for organizations to assume that data breaches won’t happen to them, and consequently, they typically don’t have an incident response plan. Not only do organizations need an incident response plan, but they also need to test it via incident response tabletop exercises. In this podcast, LBMC Information Security’s Bill Dean shares five key reasons why organizations don’t detect cyber breaches, as well as some helpful tips for being prepared in the event of a cyber-attack. Listen, and discover these key takeaways: Reasons why organizations need to plan for a data breach and test the plan Understanding why it’s important for organizations to know where its sensitive data

In comparison to previous years, 2017 was a good year as the number of healthcare records compromised was significantly down. As of December 30, there had been 341 breaches reported, affecting a little less than 5 million individuals. This compares to 327 breach reports in 2016 but with 16.6 million individuals affected. When this information is contrasted with 2015 statistics, fewer breaches (268) were reported, however more than 113 million patients were affected. So, why the significant drop in affected individuals? In this podcast, LBMC Information Security’s Mark Fulford offers some leading theories for these statistics, as well as a quick rundown of the top five healthcare data breaches from 2017. Listen, and discover these key takeaways: Out of the top five healthcare data breaches, the largest one was a result of insider activity—specifically, unauthorized access through stolen media by a now-former employee, while the remaining four were all related to ransomware. Health providers were responsible f

A recent report from cybersecurity firm, FireEye revealed that Chinese hackers have been actively targeting a shortlist of multinational law firms since at least June of 2017. This was an apparent effort to spy on lawyers and steal confidential information, proving that not only are law firms targets of nation states, but attackers are also keeping up with current news, using well-designed phishing campaigns that contain references to pertinent, high-profile U.S. news stories. Although law firm data breaches are not often in the news, they are happening at an alarming rate, and cybersecurity professionals need to be aware and equipped for knowing how to appropriately address such breaches. In this podcast, LBMC Information Security’s Bill Dean highlights some specific examples of law firm data breaches and why law firms are such large targets for cyber-thieves. Listen, and discover these key takeaways: Recent examples of law firm data breaches The efforts of hackers to use U.S. news stories and scandals in h

Since business leaders and board members are not often technically-inclined, they tend to have many questions about cybersecurity. Because of this, the AICPA recently recognized the need for a new type of cybersecurity examination report and put together a task force to bring to life what’s now known as SOC (System and Organization Control) for Cybersecurity. These reports will be beneficial in giving business leaders and board members an independent assurance and solid understanding of risk management and working with third-party cybersecurity professionals. In this podcast, LBMC Information Security’s Mark Burnette and Drew Hendrickson discuss SOC for Cybersecurity reports and what organizations and IT professionals should know about this new report and how it could help their organizations. Listen, and discover these key takeaways: Why SOC for Cybersecurity reports were created Key elements found within an SOC for Cybersecurity report Differences in SOC 2 and SOC for Cybersecurity reports Ways organizatio

A key observation that can be made within the information security industry today is that cybersecurity is not extremely difficult, it is just hard and requires long-term dedication, focus, and commitment. Considering this observation, a key question all cybersecurity professionals must ask is, “If you don’t know where you are, how do you know where you need to improve?” Knowing the answer to this question is essential for beginning or enhancing an organization’s cybersecurity program. In this podcast, LBMC Information Security’s Bill Dean discusses some information security basics that many organizations are overlooking. Bill also walks through a series of basic questions that are good to ask when beginning or strengthening a cybersecurity program. Listen, and discover these key takeaways: Information about getting started and improving a cybersecurity program Reasons that cybersecurity is not about the latest product, but rather about people, processes, and technology Why products can’t help you avoid the

Often in the information security industry, professionals can be accused of spreading fear, uncertainty, and doubt with cybersecurity concerns. However, considering the implications of integrity attacks, it is essential to pay close attention to them. As more organizations move to cloud storage, user authentication compromises are increasing. If an organization has sensitive information that can be accessed from anywhere online by simply using a username and password, that information is at risk, and organizations should make an effort to make their networks more secure.   In this podcast, LBMC Information Security’s Jason Riddle and Mark Fulford discuss the growing concerns with data integrity and how to avoid being a victim of attacks.   Listen, and discover these key takeaways: Feedback heard from the cybersecurity field The need for two-factor or multi-factor authentication The ability for integrity attacks to impact financial markets How integrity attacks could be more effective than availability attack

As operational technology (OT) networks are used with specialized Industrial Control Systems (ICS) to monitor and control physical processes such as assembly lines, mixing tanks, and blast furnaces, these networks have become ripe targets for adversaries. The lack of basic protections like antivirus can enable attackers to quietly perform reconnaissance before sabotaging these physical processes and compromising industrial devices. Once attackers have compromised an OT network, it is easier for them to learn how the equipment is configured and eventually manipulate it.   In this podcast, LBMC Information Security’s Bill Dean discusses how the manufacturing and industrial sectors are prime targets for cyber-attackers.     Listen, and discover these key takeaways:   Reasons we don’t often hear about industrial and manufacturing network breaches Reasons for industrial and manufacturing attacks and what attackers are looking for Reasons industrial and manufacturing sectors should be concerned How NIST’s Cybersec

Though not in the recent limelight, it’s no secret that espionage from nation states is happening once again. With sophisticated attacks on InfoSec supply chain companies in 2012, 2013—and as recently as the past few months—many people are left wondering who would target these specific companies? In the end, we know that despite agreements between countries, we have valuable intel within the United States that these attackers are seeking.   In this podcast, LBMC Information Security’s Bill Dean offers valuable insight on attackers who focus on the InfoSec supply chain.   Listen, and discover these key takeaways:   Information about some of the most popular InfoSec supply chain attacks Potential InfoSec supply chain attackers and what information they are looking for Possible reasons supply chain attacks may become popular again

For the past 20 years, Kaspersky Lab has provided deep threat intelligence and security expertise for businesses, critical infrastructure, governments, and consumers around the globe. More than 400 million users benefit from protection services provided by Kaspersky, in addition to approximately 270,000 corporate clients. Recently, Kaspersky has found itself under question from the U.S. Government regarding accusations that the company is hiding backdoors into its software to help Russia spy on high-profile users. In fact, the U.S. Government removed Kaspersky from its approved vendor list, citing spying concerns as the reason.  In this podcast, LBMC Information Security’s Bill Dean discusses Kaspersky’s current battle with the U.S Government, offering several helpful takeaways for cybersecurity professionals.

When an organization experiences a data breach, one would hope that a quick recovery is ideal, right? But, did you know that there are instances when a quick breach recovery can hurt an organization? For one healthcare facility, this was the case, as it fell prey to a ransomware attack. While the organization was able to quickly recover operations, it recovered so quickly that it failed to preserve needed evidence for proper forensic analysis. So, what did this organization do as a result? In this podcast, LBMC Information Security’s Bill Dean explains how quick breach recovery hurt this organization and the steps that can be taken to avoid it happening for your own organization.