Articles

Articles by Michael Peters

Browse every published article connected to Michael Peters, with exact attribution and full-archive search.

articles
162
shown per page
50
search signals
Topic + expert

Articles

162 articles by Michael Peters · showing 50

Browse every published article connected to Michael Peters, or search within this exact expert archive.

By Michael PetersRecently published1 topic

5 Things to Know About Email Marketing and the GDPR

Email marketing is big business. MarTech Advisor reports that it is the best-performing channel for a company’s ROI, and 61% of consumers prefer to receive offers via email, as opposed to only 5% who prefer social media offers. However, many organizations are conce ed about how the GDPR, the European Union’s new, sweeping data privacy law, will impact their email marketing programs.

Primary topic: Business Networking
Business Networking
1,103 views
Read article
By Michael PetersRecently published1 topic

Understanding the NIST Cybersecurity Framework (NIST CSF)

Last week, the NIST Small Business Cybersecurity Act (S. 770) passed the U.S. Senate and was sent to the White House, where the president is expected to sign it into law shortly. The bipartisan measure directs NIST to provide resources to small businesses to help them implement the NIST Cybersecurity Framework (aka the NIST CSF) and to keep the needs of small enterprises in mind when developing future standards.

Primary topic: Business Networking
Business Networking
985 views
Read article
By Michael PetersRecently published1 topic

The Top 5 Cyber Threats to the Healthcare Industry

The financial impact of cyber attacks can be devastating, especially to small organizations. The HHS points out that the healthcare industry has the highest data breach cost of any industry, at an average of $408 per record and $2.2 million per organization. In 2016, the healthcare industry as a whole lost $6.2 billion to data breaches.

Primary topic: Business Networking
Business Networking
1,684 views
Read article
By Michael PetersRecently published1 topic

The Top Cyber Security Threats Facing Enterprises in 2019

The cyber threat environment is becoming more dangerous every day. A recent survey by the World Economic Forum revealed that cyber-attacks were the number-one conce of executives in Europe and other advanced economies. As we approach the winter holidays and the end of the year, let’s examine the top cyber security threats enterprises can expect to grapple with in 2019. Phishing Schemes

Primary topic: Business Networking
Business Networking
1,545 views
Read article
By Michael PetersRecently published1 topic

Which FedRAMP Security Impact Level Is Right for You?

You would never pay $1,000 upfront and $30/month for a security system to protect a shed containing $100 worth of lawn equipment. However, you wouldn’t hesitate to spend that much or more to protect your home and family. The same concept applies in information security. Different kinds of data necessitate different levels of security, which is why FedRAMP security impact levels exist. A government agency that deals with data that is widely available for public consumption doesn’t require as many security controls as an agency that works with classified data.

Primary topic: Business Networking
Business Networking
1,249 views
Read article
By Michael PetersRecently published1 topic

Proactive Tips for Preventing Credential Stuffing Attacks

Nearly everyone knows that reusing passwords across multiple sites and systems is a security risk, but most people continue to do it anyway. As a result, credential stuffing attacks abound, especially among retailers. Dunkin’ Donuts has been victimized twice in the past three months by hackers seeking access into customers’ DD Perks loyalty program accounts. What is credential stuffing?

Primary topic: Business Networking
Business Networking
1,271 views
Read article
By Michael PetersRecently published1 topic

How to Protect Your Business Website from Formjacking

As individuals become more savvy about avoiding phishing emails, and enterprises get better at filtering them out before they ever reach employees’ inboxes, it’s become more difficult for hackers to infect enterprise systems with ransomware and cryptojacking malware. Companies are also becoming more diligent about backing up their systems, and cryptocurrency prices have fallen, meaning that the potential profits from ransomware and cryptominers have likewise diminished.

Primary topic: Business Networking
Business Networking
1,408 views
Read article
By Michael PetersRecently published1 topic

Hackers Can Use DICOM Bug to Hide Malware in Medical Images

A newly discovered design flaw in DICOM, a three-decade-old medical imaging standard, could be used to deliver malware inside what appears to be an innocuous image file, a researcher from Cylera has discovered. Because the malware would not alter the protected health information (PHI) contained in the image file, it would bypass automated malware detection systems. What is DICOM?

Primary topic: Business Networking
Business Networking
1,344 views
Read article
By Michael PetersRecently published1 topic

Browser Extensions Can Pose Significant Cyber Security Threats

From blocking ads and coin miners to saving news stories for later reading, browser extensions allow users to customize their web browsers for convenience, efficiency, and even privacy and security—usually for free. However, browser extensions need a wealth of access permissions to operate, including things like browsing history, website content, even login credentials. Because extensions aren’t applications in their own right—they run inside web browsers—antivirus software generally cannot detect malicious extensions.

Primary topic: Business Networking
Business Networking
1,209 views
Read article
By Michael PetersRecently published1 topic

Cyber Security Best Practices for a Sustainable Digital Transformation

The rise of ecommerce, particularly mobile ecommerce, has fundamentally altered both consumer and business buying habits. Organizations are embracing digital transformation in an effort to appease modern buyers and enhance the customer experience while cutting costs and improving efficiency. The 2018 State of Digital Business Transformation survey by IDG found that 89% of organizations have either adopted or plan to adopt a digital-first strategy.

Primary topic: Business Networking
Business Networking
985 views
Read article
By Michael PetersRecently published1 topic

Social Media Cyber Security Risks and Best Practices for Businesses

Businesses tend to gloss over social media cyber security, thinking that it’s more of an issue in their employees’ personal lives than a threat to workplace cyber security. However, one in eight enterprises have suffered a security breach that was traced back to a cyber attack on social media. Here are the top social media cyber security threats to organizations and how to avoid them. Social Media Cyber Security Threats to Enterprises

Primary topic: Business Networking
Business Networking
1,064 views
Read article
By Michael PetersRecently published1 topic

Cloud Security: Understanding SOC 2 Type 2 Attestations

We are living in a cloud-first world; cloud services, including storage services and SaaS providers, are wildly popular. Unfortunately, third-party vendor breaches are at epidemic levels, and new regulations such as the EU GDPR are seeking to hold organizations accountable if third-party business associates that store or handle their sensitive data, including their cloud vendors, are hacked. One way for businesses to protect themselves is to look for an SOC 2 Type 2 report when evaluating cloud vendors.

Primary topic: Business Networking
Business Networking
1,009 views
Read article
By Michael PetersRecently published1 topic

10 Cyber Security Travel Tips to Protect Your Devices & Data

The holiday season is fast approaching, but hackers don’t take vacations. Whether you’re planning to go home for the holidays or travel for business on a regular basis, make sure to protect yourself from cyber crime with these cyber security travel tips. Update Your OS & Software Before you leave, make sure your operating systems and software are up-to-date. Take Only What You Need Do you really need to pack 15 different electronic devices? The more devices you take, the more you’ll have to keep safe from hacking, theft, or accidents.

Primary topic: Business Networking
Business Networking
1,317 views
Read article
By Michael PetersRecently published1 topic

Tesla Breach Demonstrates the Importance of Industrial Cyber Security

Massive data breaches are what grab headlines, but industrial cyber security attacks can be devastating in the real world. Tesla has just learned this lesson the hard way. CEO Elon Musk has accused a malicious company insider of altering product code, stealing data and exporting it to third parties—and possibly even causing a factory fire.

Primary topic: Business Networking
Business Networking
901 views
Read article
By Michael PetersRecently published1 topic

NIST Proposes Secure Software Development Framework

Applying software updates and patches as soon as possible is a cyber security best practice, but what if an update contains malicious code inserted by a hacker? Software supply chain attacks are a serious and growing problem for both private-sector organizations and the federal government. Among other incidents, Chinese nation-state hackers successfully breached numerous third-party contractors working for the U.S. Navy on multiple occasions over an 18-month period.

Primary topic: Business Networking
Business Networking
1,330 views
Read article
By Michael PetersRecently published1 topic

Your Guide to the PCI DSS Merchant Levels

If your organization processes, stores, or transmits cardholder data for the major credit card brands, you are required to be compliant with PCI DSS. While PCI DSS is not required by U.S. federal law—it is an industry standard mandated by the credit card companies—but some states have laws that refer to PCI DSS explicitly or contain equivalent mandated standards. Additionally, being found out of compliance can put your company in the crosshairs of the FTC.

Primary topic: Business Networking
Business Networking
1,295 views
Read article
By Michael PetersRecently published1 topic

Lower HIPAA Fines Aren’t a License to Relax Cyber Security

Following a record year for HIPAA settlements that saw the U.S. Department of Health and Human Services (HHS) collect $28.7 million in HIPAA fines, HHS has reduced the maximum annual HIPAA fine in three out of the four penalty tiers. However, HHS’ move doesn’t mean that healthcare organizations are now free to take a laissez-faire approach to compliance or cyber security. More culpability = higher HIPAA fines

Primary topic: Business Networking
Business Networking
1,281 views
Read article
By Michael PetersRecently published1 topic

The FedRAMP Assessment Process: Tips for Writing a FedRAMP SSP

A FedRAMP SSP (System Security Plan) is the bedrock of a FedRAMP assessment and the primary document of the security package in which a cloud service provider (CSP) details their system architecture, data flows and authorization boundaries, and all security controls and their implementation. Keep in mind that to prevent conflicts of interest, 3PAO’s are prohibited by regulation from helping a CSP put together a FedRAMP SSP and also conducting that CSP’s FedRAMP assessment.

Primary topic: Business Networking
Business Networking
1,311 views
Read article
By Michael PetersRecently published1 topic

5 Practical Applications of Blockchain to Cyber Security and Compliance

While digital currencies, particularly bitcoin, are the most common and well-known application of blockchain technology, they are far from being the sole or even the most important use. Blockchain is one of the most important technological advancements of the digital age, and its full potential has barely been tapped. Among the most exciting potential uses for this technology are cyber security and compliance applications. What Is Blockchain?

Primary topic: Business Networking
Business Networking
1,477 views
Read article
By Michael PetersRecently published1 topic

Why Do Schools Keep Getting Hacked?

K-12 schools, colleges, and universities are attractive targets for hackers. Their networks contain an enormous amount of identifying information on staff members, students, and students’ families, including names, birth dates, addresses, Social Security numbers, and even health records. Additionally, educational institutions are frequently connected to each other and to government agencies for information-sharing purposes, which means that hackers may use a school’s network as a “back door” into their real target.

Primary topic: Business Networking
Business Networking
1,114 views
Read article
By Michael PetersRecently published1 topic

It’s Time to Get Serious About Education Cyber Security

K-12 school systems, colleges, and universities are being increasingly targeted by hackers, yet education cyber security is as woefully lacking as other industries, as these recent incidents illustrate: • In November 2016, Columbia County School District in Georgia admitted to a breach of personal information belonging to its employees and their spouses, dependents and insurance beneficiaries, including their names, birth dates, and Social Security information.r

Primary topic: Business Networking
Business Networking
1,009 views
Read article
By Michael PetersRecently published1 topic

Spear Phishing: Don’t Take the Bait!

Don’t let your business get caught on a spear phisher’s hook. Like regular phishing, spear phishing involves sending legitimate-looking but fraudulent emails asking users to provide sensitive information and/or initiate wire transfers. However, while regular phishing emails are sent out en masse to the general public, spear phishing emails are highly targeted and sent to specific, predetermined victims, usually a small group of people working at a specific company.

Primary topic: Business Networking
Business Networking
972 views
Read article
By Michael PetersRecently published1 topic

10 Tips to Improve Employee Cyber Security Compliance

Your organization’s people are your first line of defense against cyber criminals. Unfortunately, they’re also your weakest link. Insiders pose the biggest threat to cyber security in the healthcare industry, and only 13% of public sector employees “take personal responsibility for cyber security.” Here are 10 proactive ways to improve employee cyber security compliance.r

Primary topic: Business Networking
Business Networking
1,224 views
Read article
By Michael PetersRecently published1 topic

PCI DSS Compliance Alone Won’t Protect Your Customer Data

PCI DSS compliance is serious business for any organization that processes or accepts major payment cards, including SaaS providers that offer payment processing solutions to their customers. Retailers or payment processors who are found to be in violation of PCI DSS can be fined millions of dollars, and they may even be stripped of their ability to accept major credit cards.

Primary topic: Business Networking
Business Networking
900 views
Read article
By Michael PetersRecently published1 topic

5 Tips to Secure Your Healthcare Organization's Systems Against Hackers

In a previous blog, we discussed the recent epidemic of ransomware attacks on U.S. healthcare organizations and the importance of the industry taking this very serious cyber security threat – and information security in general – seriously. The good news is that although a ransomware attack can bring a healthcare facility to its knees, ransomware attacks can be prevented by taking precautionary measures. Following are five tips for healthcare organizations to protect themselves against ransomware and other cyber security attacks.

Primary topic: Business Networking
Business Networking
937 views
Read article
By Michael PetersRecently published1 topic

5 Reasons Why Your Enterprise Should Put IRM Before GRC

Over the summer, Gartner announced that it was moving its focus away from GRC and launching a new Magic Quadrant for integrated risk management, or IRM: IRM enables simplification, automation and integration of strategic, operational and IT risk management processes and data. IRM goes beyond the traditional, compliance-drive GRC technology solutions to provide actionable insights that are aligned with business strategies, not just regulatory mandates.

Primary topic: Business Networking
Business Networking
1,213 views
Read article
By Michael PetersRecently published1 topic

Social Media Security and the Trump Twitter Account Incident

Social Media Security Matters; Just Look at the Trump Twitter Account Debacle Last week’s Trump Twitter account incident – where the president’s Twitter feed was deactivated for 11 minutes – was fodder for many late-night television jokes. All kidding aside, though, enterprise social media security is serious business.

Primary topic: Business Networking
Business Networking
998 views
Read article
By Michael PetersRecently published1 topic

New York State Cyber Security Regulations Emphasize Governance, Risk & Compliance

New York State Cyber Security Law Heavy on GRC and Proactive Cyber Security The first phase of the New York state cyber security regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, went into effect at the beginning of March. While the insurance and finance industries are already subject to numerous cyber security-related standards and regulations, New York’s legislation represents the first time a state has mandated specific cyber security requirements. Breaking Down the Requirements

Primary topic: Business Networking
Business Networking
1,237 views
Read article
By Michael PetersRecently published1 topic

Cyber Security Lesson Brief from the Under Armour Breach

Last week, athletic apparel manufacturer Under Armour announced that its popular MyFitnessPal weight loss and fitness tracking app had been hacked, compromising 150 million accounts. The Under Armour breach is the largest data breach so far this year and ranks among the top five to date. It also makes a good case study in the do’s and don’ts of enterprise cyber security.

Primary topic: Business Networking
Business Networking
1,226 views
Read article
By Michael PetersRecently published1 topic

Hackers’ Next Target: Smart Toys

Cyber criminals don’t care who they hurt. This was made obvious during the rash of ransomware attacks on healthcare facilities this year, where hackers locked down electronic health records systems, putting patients at grave risk. There is great conce that the proliferation of Internet of Things (IoT) medical devices, such as smart insulin pumps, will enable hackers to go after patients directly, demanding that they pay a ransom to keep their lifesaving devices working.

Primary topic: Business Networking
Business Networking
1,186 views
Read article
By Michael PetersRecently published1 topic

Ransomware Attacks Show that Healthcare Must Take Cybersecurity Seriously

While healthcare providers and healthcare industry vendors cannot afford to ignore HIPAA compliance, a new threat emerged in 2016 and has only gotten bigger in the past year: ransomware attacks on hospitals and healthcare providers that are not seeking to breach patient information but instead render it inaccessible until the organization pays a hefty ransom. A study by the Health Information Trust Alliance found that 52% of U.S. hospitals’ systems were infected by malicious software. What is ransomware?

Primary topic: Business Networking
Business Networking
943 views
Read article
By Michael PetersRecently published1 topic

5 Best Practices for Complying with SEC & FINRA Cyber Security Standards

Both the SEC and FINRA have indicated that they will put heavy emphasis on cyber security enforcement throughout 2018. While FINRA is explicit—among other things, it publishes a cyber security checklist and a detailed report on best practices—the SEC’s guidance is far more general. This causes some confusion among affected companies regarding how to develop controls and internal policies in line with SEC and FINRA cyber security standards.

Primary topic: Business Networking
Business Networking
1,225 views
Read article