Risk Assessments, Security, CIO, Cybersecurity, Security Consulting, Healthcare, CISO, HIPAA, Infosecurity, Health Information Security, Threat-Based Risk

When to get a Threat-Based Risk Assessment

Healthcare CISOs and CIOs continue to struggle to get the resources they require to address increasing threats in the digital environment and too often they are presented with risk analysis reports that simply contain a laundry-list of security control failures.

Read More
By Security Consulting Team on Feb 20, 2020 11:32:31 AM
Security, Passwords, Cyber Monday, Cell Phone, Juice Jacking, USB Ports, Hacker, Security Breach, Black Friday

3 Ways to Protect Your Data From Hackers

(A friendly reminder from our RSP team on practical ways you can avoid being a target of identify theft when shopping on & offline this holiday season.)

What's Your Cellular Data (Protection) Plan?

There’s no shortage of stories from around the globe on new ways that hackers are learning to access our personal data.  Important preventative measures include keeping up-to-date antivirus software, having an active firewall, and using strong passwords.  Even with these controls in place, this can lead to a false sense of security.

While many of us focus on protecting laptops and computers, we often don’t stop to think about protecting our personal or work-assigned smartphones, which is exactly what criminals are counting on. 

Read More
By Security Consulting Team on Nov 23, 2018 4:27:17 PM
Leadership, Security, Privacy, PCI, SystemAdministrators, Authentication, Passwords, PasswordComplexity, Captcha

Password123! - Why Does Authentication Have to Be So Hard?

Password complexity and authentication has always been a subject of contention both for users and system  administrators. Many assume that forcing users to create more complex passwords, and changing them frequently,   will lead to greater system safety - in theory this may be true. Given human nature, things rarely go as planned and research has shown that forcing users to comply with these additional requirements has actually had a detrimental effect on system security.

Read More
By Security Consulting Team on Sep 13, 2018 11:28:04 AM
Security, Privacy

Looking Back at RSA Conference 2018

With RSA Conference 2018 behind us, we asked Onliner Derek Nwamadi to share some of his observations from the conference floor. 

This year’s RSA Conference did not disappoint. Once again attendees were treated to a great line up of presentations, events, and an always impressive expo floor. Looking back at my week at RSA, one word kept coming to 

mind – 

Trust; we seem to be living in an age where we are technology and data rich but trust poor. 

As always, there are some technologies and buzzwords that become industry hot buttons and generally drive it for the rest of the year (more on that later). 

Read More
By Security Consulting Team on Apr 24, 2018 2:00:06 PM

What are the Spectre and Meltdown Vulnerabilities?

As you may have heard in the news, computer researchers have recently discovered a design flaw that results in a security vulnerability in the CPU chip that powers nearly all the world’s computers, including PCs, smartphones, and data center computers. This hardware bug allows malicious programs to steal data that is being processed in the computer memory. The name given to these vulnerabilities is ‘Meltdown’ for Intel chips or ‘Spectre’ for AMD and ARM chips. The first reports were published on January 2, 2018, prior to a coordinated disclosure scheduled for the week of January 8. There is no evidence of exploitation at this time, but the publicly disclosed proof-of-concept (PoC) exploit code could result in the vulnerabilities being weaponized for malware delivery.

Read More
By Security Consulting Team on Jan 8, 2018 5:20:00 PM

How to meet your cybersecurity needs when unemployment is at 0%

There is a huge problem in cybersecurity. It has been festering for years and it isn’t going away anytime soon. This problem isn’t the latest zero day threat, malicious attackers, or even a rogue nation-state. There is a scarcity of cybersecurity professionals available to meet the increasing need for improved cybersecurity among businesses. The lack of qualified cybersecurity personnel has been a concern for years. Recently, the problem has intensified as organizations become more aware of their own vulnerabilities. 

Read More
By Security Consulting Team on Dec 7, 2016 11:25:13 AM

The First 15 Minutes - Common Pen Test Findings


Over the years, our team has performed thousands of penetrations tests. In the first 15 minutes of a pen test there are a handful of issues that we often discover. These issues are simple to understand and they're easy to correct, but they're almost always there.  They don’t require authentication, need minimal expertise to find, and aren't the focus of the OWASP Top 10.

Read More
By Security Consulting Team on May 20, 2016 3:58:53 PM