No rest for health care on data security

Making the rounds last week was Verizon’s 2019 Data Breach Investigations Report.  Analyzing over 41,000 security incidents and over 2,000 data breaches during 2018, the study examines the state of affairs across industries.  One interesting figure to note is that well over half of data breaches in health care are caused by insiders; but in… Read More

What are the financial costs of a data breach?

It has been a while since we last examined what sort of financial costs companies were enduring due to data breaches.  As it happens, they’re finding out that information for themselves. In the news this week are examples of a few such penalties.  A 2016 breach is now costing retailer Eddie Bauer a $9.8 million… Read More

Mystery database breach – Could you be one of the 80 million exposed?

Here’s a data breach mystery.  It isn’t often that we see a major breach and yet not know for sure who has been affected.  Yet that is exactly what we have here, in a story that’s been trending this week, when researchers discovered a 24GB database on an unsecured Microsoft Azure cloud server.  Although the… Read More

How to best respond to a data breach

Did you make a resolution to join a gym in 2019?  That’s probably the generic go-to pledge.  If you did, however, and if you ever bought equipment from’s online store, your data might have been put at risk.  We often see how an organization’s employees can be the weakest link in the security chain,… Read More

Breaches at Microsoft and the Federal Government

It has been a hectic week for cybersecurity.  I can’t even begin by saying “the big news you might have heard about is,” because that could apply to at least two separate things.  This past weekend, Microsoft disclosed a data breach of its Outlook, Hotmail and MSN systems.  Although no passwords or email content were… Read More

Potential legislation for corporate data negligence?

Congress is sure going for the throat on this one.  Though it is unlikely to pass, Sen. Elizabeth Warren has proposed legislation that would allow for jail time for executives in cases of corporate fraud and negligence. This Corporate Executive Accountability Act (CEAA) seeks to circumvent what its proponents perceive as a traditional lack of… Read More

Big Data, Collected and Shared

The recent announcement from the Federal Emergency Management Agency (FEMA)—about accidentally revealing banking and other personal information on over 2 million people—is yet another example of insecure data sharing, and how different groups might respond differently to the risks of big data. Many survivors of the various major hurricanes and the California wildfires over the… Read More

Educating Students on Cybersecurity

Recently checking my old high school’s website, curious how much the curriculum had changed, I was impressed by the differences I found.  Among other new additions, there were even several tech/computer courses that my class definitely was not offered.  Of course, this is a much more recent trend, and other schools have followed suit. What… Read More

Encryption as Part of the Defense Strategy

I always take slight issue with data security articles that say in the title that encryption won’t protect against breaches.  To me it’s a little misleading.  It carries the implication that encryption is almost unnecessary, when that’s not what the article actually goes on to say.  Quite the opposite.  Rather, what they invariably mean is… Read More

Cybercrime targeting your kids and your DNA

Part of this blog’s purpose is to keep people up to date with the latest threats from cyber criminals.  Naturally, when we find mention of a trend neglected by the research community, I feel obligated to give it what small signal boost I can.  In this case, it’s in the field of biotech, and new… Read More