Knowledge is the best attack deterrent, so check out our cyber security updates
24By7Security, Inc.

Biweekly Cybersecurity Newsletter - Feb 1st, 2017

Why Are We *Still* So Stupid About Passwords?

A study has revealed that people are picking millions of weak passwords. The latest analysis of leaked passwords shows that, unfortunately, little has changed when it comes to how most people pick their passwords. If the media stopped saying 'hacking' and instead said 'figured out their password,' people would take password security more seriously! It is a longtime information security dilemma: You can pick your friends, but you can't pick their password-creating practices. 


Go Phish! Why Every Company Should Hack Its Own Employees

If there is one fear every CISO has, it’s the fear of a phishing attack, because every company, every C-Suite executive and every employee is vulnerable to this type of deception.

Due to the high volume of electronic messaging in the workplace, it only takes a momentary lapse in vigilance for a phishing scam to wreak havoc. Cybercriminals can steal company or personal data, delete files and deploy ransomware with just one email or one instant message. In fact, the FBI estimates that CEO email scams have cost organizations more than $2.3 billion over the last three years. Phishing attacks are effective and common, but they do follow patterns and can be detected with the right education. This is why every company should phish itself. How should a company run regular, self-imposed and interactive phishing campaigns?


Hacking in a Business Suit: Critical for Today’s Cybersecurity

Have you ever been hacked? Most people and business owners think, “We are just too small for this kind of thing.” In fact, there’s no such thing as “too small” for cyber attackers. The more digital you become, the higher the threat of being hacked. Hackers are becoming even more creative, continuously improving and updating their skills. What can we do about it? Well, if you can’t beat them, join them.


Highmark BCBS Delaware hit with security breach, affecting more than 19,000 members

Highmark Blue Cross Blue Shield of Delaware was recently hit with a security breach affecting 19,000 beneficiaries of employer-paid plans. The data breach involves two subcontractors of Highmark BCBS – Summit Reinsurance Services and BCS Financial Corporation. 

  • A ransomware infection was discovered.
  • Affected individuals were notified by mail, and would have been unlikely to have had any dealings with the company in the past, as insurance plans were provided through their employers.
  • The types of data that could potentially have been accessed include names, SSNs, details of health insurance, providers’ names, medical diagnoses, and some clinical information.

Report HIPAA Breaches Without Delay

Presence Health Medical Center was required to report the breach to HHS and local media when it discovered a breach affecting 836 individuals. However, due to a miscommunication between its workforce members, it did not report the breach to HHS until 105 days after the breach was discovered!

The HIPAA Breach Notification Rule requires that covered entities notify individuals and, if the breach involves more than 500 persons, report breaches to HHS and local media without unreasonable delay and in no event later than 60 calendar days after discovery of the breach (45 CFR 164.404-.410). A separate HIPAA violation occurs for each day the covered entity fails to report the breach beyond the deadline.

Presence Health settled the alleged violations for $475,000.

Upcoming Events!

BSides Tampa Security Conference - Feb 11, 2017

Michael Brown of 24By7Security is speaking at the BSides Security Conference at the University of Tampa.

BSides Nova Security Conference - Feb 25, 2017

24By7Security is sponsoring the inaugural BSides Northern Virginia Cybersecurity Conference at CIT - Center for Innovative Technology, Herndon, VA.

SFISSA - Security Conference - Mar 10, 2017

24By7Security is sponsoring, and founder Sanjay Deo is speaking at, the SFISSA - Security Conference at Signature Grand, Davie, Florida.

HackMiamiCon5 Security Conference - May 19 - May 21, 2017

Michael Brown of 24By7Security, Inc. is speaking at the HackMiami Security Conference at Deauville Miami Beach Resort, Miami Beach, Florida.

About us

24By7Security, Inc. is a full-service cybersecurity strategy, implementation, operations and training firm. We provide cybersecurity and compliance-related services across all functions of the enterprise. Our services include CFPB/DFA, FIPA, FERPA, GLBA, HIPAA, PCI, SOX, and others.

24By7Security, Inc.

4613, N. University Drive, Suite #267

Coral Springs, Fl - 33067

(844) 55-CYBER