A breach of a healthcare provider can have a serious impact, both in terms of financial loss and patient confidence. HIPAA violations can involve fines of up to $50,000 per patient record, and in many cases, attackers are able to access all of a provider’s patient records. Healthcare breaches are widely covered in the news, where the court of public opinion lays blame on the targeted organization. Current and future patients may think twice, even years later, about seeking care from a provider that was portrayed negatively by the press for data loss ..read more

It doesn’t matter who you are, your position, or the size of the company you work for, you never want receive that phone call saying that your company has been hit by a ransomware attack.  Most IT departments and staff do their very best to protect their network from attacks by regularly patching, installing firewalls and intrusion detection systems, segmenting their network, and performing vulnerability assessments, but the real truth is that an external threat is going to find its way inside your network in some form in the near future ..read more

With the rapid evolution of cloud based computing, many organizations face the fundamental question of whether or not they should employ third party solutions to facilitate convenience within their entity.  As technology advances, the outsourcing possibilities seem endless.  Everything from document collaboration, to payroll, data, and even entire applications and servers can now be managed off site, or in the cloud ..read more

With the rapid evolution of cloud based computing, many organizations face the fundamental question of whether or not they should employ third party solutions to facilitate convenience within their entity.  As technology advances, the outsourcing possibilities seem endless.  Everything from document collaboration, to payroll, data, and even entire applications and servers can now be managed off site, or in the cloud ..read more

While hacking and information security themed conferences such as DEF CON and Black Hat USA have a reputation of having hostile network environments with a large number of sophisticated attackers, other industries’ conferences, coffee shops, and even airport hotels have just as much potential for being target-rich environments. It is possible, with a bit of planning and discipline, to maintain the connectivity you rely upon for your job with an awareness of the risks and threats involved. Check out our white paper The Practical Guide to Security at Conferences, which discusses opera ..read more

I’m becoming very used to reading about the latest “ransomware” attacks each morning when I catch up on information security news over my first cup of coffee. Malicious software (malware) authors seem to have found a successful way of making money, and unsafe, yet common, practices are enabling it. Office-wide sharing of data with security as an afterthought, and the absence of strong backup and recovery processes fuel the continued rise of ransomware. Trends point to an increase in healthcare data being held for ransom, though no one is completely safe from being targeted by ransomware ..read more

At the Armed Forces Communications and Electronics Association’s Defensive Cyber Operations Symposium on April 20th, DISA Director LTG Alan R. Lynn described a shift in attackers’ operations. Lynn stated that it’s become “snatch and grab” rather than following traditional intelligence techniques of using good tradecraft (the set of an attacker’s operational techniques and tools) to compromise, monitor, and accomplish the mission while avoiding detection ..read more

Maintaining information security today is, in many ways, similar to maintaining your personal health. Yearly check-ups and health screenings could detect a potential problem. If a problem is detected, more invasive procedures are performed to get a definitive diagnosis before laying out a treatment plan. A similar process can be followed in cybersecurity. Traditionally, companies receive vulnerability scans which may or may not accurately detect a threat. Once a potential threat is detected, security professionals may conduct penetration testing to explore those threats to see if th ..read more

The old adage says, “it takes one to know one,” and we believe that is absolutely true when it comes to fighting cyber threats. Originally, hacker was a positive term for a person who enjoyed exploring the nuances of computers and stretching their capabilities. HORNE Cyber’s team of elite hackers use their expertise of the inner workings of computers, networks and software for the good of our clients, to uncover vulnerabilities and make IT environments more secure.  We spent time this week interviewing our Director of Cyber Operations Wesley McGrew to give you an inside view of a hacker ..read more

Last week, members of the security industry gathered for the annual RSA Conference to discuss the latest topics in information security, from the Apple vs. FBI encryption debate to the latest innovations in security software. Perhaps one of the hottest topics at RSA this year surrounded the risks posed by devices that make up the ‘Internet of Things.’ From automated manufacturing processes to industrial control systems, all the way down to the appliances in an office breakroom, IoT technologies are changing the way businesses are operating, making systems more efficient, and allowing for grea ..read more