DFW Area Friends – Join Me to Talk Real World Cyber Incident Response and Preparation at Tech Titans’ Cybersecurity Forum

Your organization has been breached, now what? That’s the title of our discussion at Tech Titans’ Cybersecurity Forum this Thursday, December 14, 2023, from 3:30 – 6:00 PM in Richardson, Texas. This event is available for both members of Tech Titans and non-members, and you can register at this link: https://business.techtitans.org/events/details/cybersecurity-forum-december-14-2023-4826?calendarMonth=2023-12-01 I will be moderating …

HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework

On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for …

OCR Releases Video Guidance on Recognized Security Practices for National Cybersecurity Awareness Month

On October 31, 2022, the U.S. Department of Health and Human Services Office of Civil Rights provided guidance titled OCR Releases New Recognized Security Practices Video. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for all organizations — healthcare and non-healthcare …

OCR Guidance on HIPAA Security Rule Security Incident Procedures for National Cybersecurity Awareness Month

On October 25, 2022, the U.S. Department of Health and Human Services Office of Civil Rights in its October 2022 OCR Cybersecurity Newsletter provided guidance titled HIPAA Security Rule Security Incident Procedures. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for …

Ransomware Attacks! The 5 Best Practices the White House Urges all Businesses to Take to Mitigate Them

The threat of ransomware attacks against all American businesses is so great that on June 2, 2021, the White House issued a memo to all corporate executives and business leaders with the subject “What We Urge You To Do To Protect Against The Threat of Ransomware.” This is the first time such a memo has ever been …

Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle

THIS IS NOW AVAILABLE VIA DOWNLOAD FOR FREE: Join me for SecureWorld’s #SecureWorldVirtual Central on May 6 as I’ll be presenting the Keynote on Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle. Register here with promo code SWVCSOC for *FREE* registration: https://lnkd.in/dzREw4A Here are the slides and the audio podcast of the presentation.

Nearly half of all businesses hit by cyber attacks in 2020 — 3 steps to help prepare your business

43% of businesses in the United States and Europe were hit with a cyber attack in 2020, an increase of 5% from 2019, which was 38%, according to Hiscox’s Cyber Readiness Report. Businesses cannot ignore this threat and must face it head-on. All businesses should now have an operational and maturing cyber risk management program …

We need more humility in cybersecurity

We need more humility in cybersecurity. Let me explain … I was scrolling through LinkedIn and came across a comment on a post about FireEye from my friend Raf Los that reminded me of this issue and a webinar I did with SecureWorld several months back. In the webinar, I was asked what is the …

***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!

***URGENT MEMORANDUM*** TO: “The IT Guy” FROM: Your clients’ Incident Response Coach SUBJECT: Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a …

2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

There are two critical cyber insurance issues that every single company must understand right now, before they have an incident: In today’s environment, every company has substantial cyber risk and every company needs cyber insurance. Period. Cyber insurance is not covered by typical business insurance and companies must have the right cyber insurance for their …