Author Archives: Shawn E. Tuma

Think your company is too sophisticated to be hit with a successful cyber attack? Ask FireEye …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful cyberattack against it. They think their company is doing it all right and this is only the kind of stuff that happens to “the …

Continue reading “Think your company is too sophisticated to be hit with a successful cyber attack? Ask FireEye …”

2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

There are two critical cyber insurance issues that every single company must understand right now, before they have an incident:  In today’s environment, every company has substantial cyber risk and every company needs cyber insurance. Period. Cyber insurance is not covered by typical business insurance and companies must have the right cyber insurance for their …

Continue reading “2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!”

Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches

It is not always the feared and dreaded “hackers” that cause the exposure and breach of confidentiality of sensitive personal information. Sometimes it’s just simple mistakes, but the consequences can be much the same. Consider this situation: NTreatment inadvertently exposed thousands of medical records online by neglecting to add password protection to one of its …

Continue reading “Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches”

Think your company is too sophisticated to be hit with a ransomware attack? Ask Advantech …

A lot of business executives — and far too many IT professionals — think that their company’s IT systems are too sophisticated and well-maintained for their company to have a successful ransomware attack against it. They think their company is doing it all right and this is only the kind of stuff that happens to …

Continue reading “Think your company is too sophisticated to be hit with a ransomware attack? Ask Advantech …”

1 More Reason Why Your Company Faces Awful Ransomware Odds

In the world of security, the odds are already stacked against you. You have to get security right 100% of the time and a threat actor only needs one lucky shot to get past your defenses. That’s bad. When it comes to ransomware, it gets worse. Volume. Sheer volume. Sheer volume of attacks. You take …

Continue reading “1 More Reason Why Your Company Faces Awful Ransomware Odds”

The Home Depot / State Attorneys General Settlement – My 1st and 2nd Thoughts

The Attorneys General of 46 states reached a $17.5 million-dollar settlement with The Home Depot, which was announced on November 24, 2020. Texas Attorney General Ken Paxton announced that this settlement was led by the Connecticut, Illinois, and Texas AGs and Texas will collect $1,777,440.00. I will have more to say about this settlement in …

Continue reading “The Home Depot / State Attorneys General Settlement – My 1st and 2nd Thoughts”

ASPR Warns Ransomware Threat is Persistent, as Actors Leak More Data

“In general, maintaining anti-ransomware best practices like the 3-2-1 backup system or conducting regular vulnerability scanning to identify and address vulnerabilities will help protect your organization against future threats from other ransomware operators,” according to the alert. — Read on healthitsecurity-com.cdn.ampproject.org/c/s/healthitsecurity.com/news/amp/aspr-warns-ransomware-threat-is-persistent-as-actors-leak-more-data

Free Virtual Event: Reimagine Your Company Operating Again After a Ransomware Attack (DBU Tech Symposium)

You are invited to attend a free virtual DBU Tech Symposium on November 18 – 19, 2020. Did I mention this is both free and virtual? You have no excuse for not attending! RSVP here: https://www.dbu.edu/pages/tech-symposium/  I will be presenting on Wednesday, November 18, from 2:30 – 3:00 pm CT and the title of my …

Continue reading “Free Virtual Event: Reimagine Your Company Operating Again After a Ransomware Attack (DBU Tech Symposium)”

Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can’t get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon …

Continue reading “Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems”

Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)

I was a guest recently on the Down the Security Rabbithole Podcast with my good friends Raf Los and James Jardine who cleverly (and, kindly) titled this episode “Shawn Tuma Cyber Superhero” — thanks, guys! Anyway … as they described it: This week, on episode 408 Shawn Tuma joins us again to talk about the …

Continue reading “Podcast: #DtSR Episode 408 – Shawn Tuma Cyber Superhero :)”