The first recorded data breach of our century occurred in 1984 at TRW, a credit reporting agency. One stolen password posted to an electronic bulletin board could have permitted access to the credit histories of 90 million people. Computer experts warned that prevention of such incidents demanded greater security. Thirty-three years later—the data … [Read more...]
SecOps IT Security & Compliance Blog
Delivering effective IT security and compliance means enabling Security and Operations teams to work effectively together. This is how IT can deliver what the business needs: secure and reliable IT services.
Learn about IT Security and Compliance in BMC's complete guide.
At the risk of sounding like a geek, I could not help but notice the discussion about whether the 2016 Uber hack was ransomware or just extortion. I searched the web and the consensus definition of ransomware is “a type of malware that encrypts files so they cannot be opened, and prevents you from using your computer or accessing those files unless … [Read more...]
Staying ahead of the competition in digital business means that companies must continually innovate and deliver improved services and products to the market. The speed and agility of public cloud has proven to be a cost effective, flexible platform, but it has brought with it new security challenges. The cloud has matured and can be very secure, if … [Read more...]
No business or individual is immune to a cyber breach, yet I hear many people say they don’t think they will be affected. They believe that their company does not have anything valuable enough to be stolen, but every company and individual has data that is valuable to a cyberthief that they might overlook. While we’re all focused on our money in … [Read more...]
Maturity is typically used in the context of a person’s path to adulthood. Do they behave and act as civilized adults according to social norms? Or do they throw tantrums, speak out of turn or lack the decorum to behave appropriately for the situation? We also use maturity to describe the sophistication and completeness of an organization’s … [Read more...]
As cloud application development teams release software under mounting pressure to improve speed, differentiation, and agility, ensuring security and regulatory compliance can become an after-thought. Moreover, maintaining said compliance across complex cloud environments using a broad array of services from the likes of AWS can present very real, … [Read more...]
Before HIPAA, there were no general requirements or security standards for protecting patient health information in the healthcare industry. Without regulations set in place, healthcare providers could not confidently state that their patients’ sensitive data was properly protected. Once the Health Insurance Portability and Accountability Act was … [Read more...]
In a world where healthcare records are increasingly found electronically and on the cloud, protecting this sensitive and confidential information has never been more vital. If you work in healthcare, you know how often you find yourself with access to sensitive personal information, all of which needs to be properly stored, transmitted, and … [Read more...]
2017 is almost over and as expected, has achieved new records in technology adoption, driven by the transformation of traditional businesses into digital enterprises. While several huge security breaches have been in the news this year, the threat level continues to grow, with cybercrime getting more organized, and derailing the power of new … [Read more...]
As organizations continue to adopt open source software and cloud technologies, maintaining a secure and compliant environment is getting more challenging. As noted in the WSJ post Out-of-Date Software Creates Incalculable Cyber Risk, even though Equifax was aware of the Apache Struts vulnerability (CVE 2017-5638) and attempted to fix it, there … [Read more...]