The CIS Critical Controls were developed as a framework to not only ensure the successful realization of basic cybersecurity hygiene, but to lead to the planning and implementation of a robust security protocol. To build any cybersecurity protection schema, it is necessary to know the extent of what you are protecting.
About Christian Espinosa
Christian Espinosa has contributed 117 entries to our website, so far.
It is often easy to take the “that could never happen to me” mentality. We’ve all heard the story of someone’s uncle who was catfished out of his life savings by someone from another country whom he never met, but who is the love of his life. While the need for human connection may not be every individual’s weak point, everyone has at least one. In the business environment, humans are invariably the weak link in the security chain. Cybercriminals are particularly adept at manipulating the human element to extort money, intellectual property, and resources.
The Internet of Medical Things (IoMT) is one of the most revolutionary developments in healthcare today. It empowers physicians to monitor patients remotely by providing the patient with network-enabled devices. These devices can track a wide variety of processes, from medication compliance to blood glucose level. Recalls of IoMT devices include pacemakers, infant heart rate monitors, insulin delivery systems, drug infusion pumps, and more. The time is now to focus on IoMT cybersecurity.
At the small to midsize business level, cyberattacks aren’t merely annoying — they can spell certain doom for those already struggling to get by. Hence the need for a robust security protocol. That’s exactly what the Center for Internet Security provides with its Top 20 list of Critical Security Controls. While these controls have been in the making for well over a decade, they’ve recently gained greater prominence at the federal and state level — and among private entities. In this blog we offer an in-depth overview of this critical security tool, as well as suggestions for implementation.
Ransomware’s sister threats are a different form of cyber crime called cyber blackmail or cyber extortion. Blackmail doesn’t necessarily involve sophisticated technology. But ransomware and cyber extortion typically do. While these two types of malware share common themes, they also differ in key respects. What’s the difference between ransomware and extortionware? And what can you do to prevent your company from becoming a victim of cyber crime?
A cyber threat map, also known as a cyber attack map, is a real-time map of the computer security attacks that are going on at any given time. One of the most famous was released by the company Norse and went so viral, even among non-hackers, that it got its own story in Newsweek in 2015.
Warfare is no longer about dumping thousands of men in a field and shooting at each other. Today, non-governmental forces are packing explosives onto commercially available drones and flying them over crowded areas. This past August, a dissident organization called Soldiers in T-Shirts attempted to assassinate Venezuelan President Nicolás Maduro using a drone. While this attempt was unsuccessful, it marked the first time — but almost certainly not the last — that a paramilitary organization tried to assassinate a sitting head of state with a drone.
Hacking humans with nanotechnology may sound like a concept from a futuristic science fiction novel or movie, but the truth is, it’s not that far off and it could be the next big cyberthreat. If you thought data breaches involving your social security number or credit card information were scary, imagine the ramifications of nanotechnology hacking.
It happens across industries, from refrigerator repair to software sales. You get good enough at your job, you get promoted to management and then become an executive. The field of information security is no exception. What skills do you need to be an effective CISO and what is the Certified CISO program? This blog covers these topics.
This blog features an interview of Alpine Security’s CEO, Christian Espinosa, on medical device security by Caroline Cornell, originally posted at classaction.com. Medical devices have largely been neglected from a cybersecurity perspective. Many of these devices run legacy operating systems, are full of vulnerabilities, and were not intended to be connected to hospital networks.
Penetration testing, also known as ethical hacking, is one of the hottest jobs in tech today. What other career lets you pretend you’re in The Matrix, working your way into systems like a top-level hacker, all without breaking any laws? Oh, and you’re getting paid for it. With a real-world penetration testing job, though, you’re not just playing at hacking into systems. You actually are hacking into systems, and your employer’s very existence may depend on your ability to do it.
You’ve probably seen leetspeak, also known as 1337 or “l33t,” somewhere on the Internet or in a movie about computer hacking. It’s essentially regular English, but with more hacker slang and with certain letters changed to numbers. In this blog, we cover the history of leetspeak and how it applies to you.
Penetration testing, also known as pen testing, is an ethical hacking tactic that helps companies protect themselves. Penetration testers try to break into clients’ digital systems to find weaknesses before a black hat hacker does. This is a growing field as companies seek to prevent the high-profile data breaches that have happened in recent years. The top penetration testing certifications can help you get into this field.
Penetration testing has been around since human beings first began trying to understand their enemies’ thought processes. Ancient armies all over the world conducted mock battles and games to figure out how other armies might undermine their strategies or get around their forces. This continued for centuries upon centuries until, inevitably, the tech world got in on the act.
Hacked medical devices could be the next big security nightmare. There are currently between 10 and 15 connected devices per hospital bed in the United States, many of which are vulnerable to attack.
Organizational leaders must understand that comprehensive, risk-based decisions are vital to balancing the force-multiplying effects of information systems with the risk of those systems being inherently vulnerable to exploitation. If you want to prevent or reduce the likelihood of an attack, you need a risk management strategy: how your organization will frame, assess, respond to and monitor risk over time.
If you are looking for the best cybersecurity career path, this article has everything you need. We explain the best post-graduation steps you need to take to get your foot in the door with major cybersecurity companies.
If you run a business that manages sensitive data, you’ve got to be concerned with your cybersecurity. In this article, we’ll break down the 8 most common types of cyber attacks and how to stop them.
Whether you want to get an entry-level cybersecurity position or you just want to enhance the skills you already have, here is a list of the top 5 cybersecurity certifications employers are looking for.
As a healthcare facility that deals with a lot of sensitive information, you have to make sure you’re HIPAA compliant. In this article, you’ll find a compliance checklist that’ll help you cover all your bases and ensure you are HIPAA compliant.
- At Risk: Medical Device Cybersecurity Vulnerabilities Expose Patients to Life-threatening Consequences
- 5 Reasons to Hire a Fractional CISO
- Why Private Cybersecurity Training Matters for Your Organization
- Is the CEH Certification Right For You?
- Internal Penetration Test vs Vulnerability Assessment: Which is Right for You?
- Best Beginner Cybersecurity Certification to Get
- Over-complicating Risk in Cybersecurity
- Hacking Medical Devices for Profit, Terror, Assassination, and Enemy Advancement
- Penetration Testing for Compliance: The Top 5 Laws and Regulations that Require Testing
- Securing Medical Devices – Is it Possible?
- The State of Small Business Cybersecurity in 2020
- Medical Device Security: Patient Safety Takes Precedence Over Privacy
- Hidden Costs of the Small Business Data Breach
- The Myth of the Cybersecurity Skills Gap
- Black Box Penetration Testing Explained