Here is an important tax reminder for Information Technology related spending

Under Section 179, your business is eligible to deduct up to $25,000 worth of equipment as long as it is purchased and operational by December 31, 2014. Phones, computers, software, office equipment and office furniture qualify for this deduction. If you [...]

2014-12-02T17:33:00-08:00

Key Questions to Answer After Getting CryptoWall or CryptoLocker

1. What date did you get infected?

You might only have a few days to pay the ransom until it goes from $500 to $1000. After 30 days you might not be able to decrypt the files at all.

2. What type of files got infected and what do they mean to your business?

If the files are not worth $500 then don’t pay the ransom. If the files are worth $5 million then you better be very careful and thoughtful about what you do. The decryption process might not even work and if so....

2024-10-09T05:22:40-07:00

What Do I Do if I have CryptoWall or CryptoLocker?

I am surprised how many people are still calling with CryptoLocker problems. I have gotten three calls in the past two days from people who have had infected/encrypted CryptoLocker files for as long as three months and they are just now dealing with the issue. At this point in time I am not even sure paying the ransom will work for victims, as the CryptoLocker network was taken down a couple of months ago by international law enforcement, and with CryptoWall, users only have 30 days to comply with the ransom demands.

So what options do you have if you are like these recent callers?

2014-10-13T21:22:18-07:00

HIPAA business associate agreement consultations could be unlawful

Here is a controversial article written recently by Kevin McDonald for TechTarget.

Under federal law, the Health Information Portability and Accountability Act (HIPAA) Privacy Rule extends to a class of business entities (i.e., health plans, health care clearinghouses and [...]

2020-04-29T22:44:01-07:00

Is Antivirus Software Really Dead?

I am curious what Dye’s definition is for "cyber-attack"? One thing is for sure, the motivation of hackers and malware has changed dramatically over the years. The threats are new and different today. Going back in history, most malware was related to someone wanting cyber fame, making a political statement or just plain mischievousness. Now with the advent of ransomware, spam mailing bots and

2017-11-13T07:30:06-08:00

Exploring the risky business of cyber insurance and IT services contracts

In my time as a security consultant and managed services provider, I've seen some questionable behavior and attitudes. Prime among them is the common belief in the business community that indemnity offered by cyber insurance and contracts replaces prudent actions [...]

2020-04-29T22:43:11-07:00

Who has a Legal Obligation to Upgrade Windows XP, Office 2003 and Exchange 2003?

The best source of information covering this requirement comes from NIST, the National Institute for Standards and Technology. They have a set of documents that are the standards for many requirements. There is nothing specific in the NIST guidelines about the end of life for Windows XP; however, the need to provide Flaw Remediation is clear, and that is what the XP, Office 2003 and Exchange 2003 support requirements fall under.

For example, NIST Special Publication (SP) 800-53 requires the SI-2, Flaw Remediation security control, which includes installing...

2024-04-21T19:43:10-07:00

Schnuck’s Might Be in Big Security and Insurance Trouble, Can the Same Be in Store for Your Firm?

Is it better to insure than secure? Maybe not. You better dust off those old insurance policies that most of us look at all too infrequently. Schnucks has been notified by their insurance carrier that they don’t plan to cover them for the lawsuits.

The problem that likely exists with your current insurance policy is that it was designed and sold in a pre-Internet era. Data is not considered....

2023-08-10T23:36:44-07:00

Is China Attacking Your Business?

Last week President Obama issued another executive order regarding cyber security. He followed up in his State of the Union speech by talking about foreign actors trying to sabotage our critical national infrastructure and private companies. The use of executive [...]

2013-02-20T02:06:57-08:00

Beware Of How You Answer Audit Or Assessment Questions

If you are regulated under any of the myriad government and industry regulations from ITAR, FIPS, CLETS and PCI, to HIPAA and Red flags, the process of responding to security, integrity, and availability verification is not a simple exercise. It is more than answering questions in the positive. Policies, procedures and declarations of compliance are contracts with your company, partners, clients and government regulatory bodies. What do I mean?

2011-04-01T04:20:00-07:00