After a debilitating ransomware attack at United Healthcare that has caused some health care providers to lose up to $1 billion a day, the US Office of Health and Human Resources is investigating the hack. United Healthcare paid $22 million to the Russian ransomware gang that goes by AlphV and BlackCat. To learn more, read Ars Technica's article: https://arstechnica.com/science/2024/03/paralyzing-cyberattack-spurs-federal-probe-into-unitedhealths-hipaa-compliance/
What is a vCISO?
A virtual chief information security officer (vCISO) is a third-party cybersecurity expert who provides organizations with strategic advice and guidance on information security matters. Typically, there is one of three reasons to hire a vCISO: Your company's CISO may...
Welcome to TrustedCISO a vCISO Consulting Company
Hello and welcome to TrustedCISO! I have 30 years of experience in information security. Having been a Chief Information Security Officer (CISO) at RedSeal, Inc, I decided to launch my own vCISO consulting company in 2022. I am experienced in building SOC2 and...
Election Security and Telecommunications Breaches
In today’s complex digital landscape, cybersecurity threats are not just a corporate problem—they're a matter of national security. This week, significant news surrounding two major cyber issues demands attention: a breach of U.S. telecommunications infrastructure...
Manage Multiple Emails in Outlook
Did you know you can use Outlook for multiple emails? As a Virtual Chief Information Security Officer (vCISO), I work with multiple customers on a fractional basis. I end up having multiple emails. In order to make these manageable, I add them to Outlook.
CISA Secure Small Businesses: Essential Guide
CISA’s guide to secure small businesses offers essential tips and strategies to protect your company from cyber threats.
Over 2 Million Affected by McLaren Healthcare Data Breach
In an era where digital information is king, the recent data breach at McLaren Healthcare serves as a stark reminder of the vulnerability of our personal data. In this incident, over 2 million individuals were impacted, marking it as one of the most significant...
Table Top Exercises for Business Continuity and Incident Response | TrustedCISO
A business continuity or incident response table top is a simulated scenario-based exercise designed to test an organization's ability to respond to a potential crisis or disaster situation. The exercise typically involves a group of key stakeholders and...
SOC2 Audit Services for Cloud and SaaS Providers – Contact TrustedCISO
SOC2 (Service Organization Control 2) has become the de facto audit requirement for the cloud in the commercial space. Whether your company has a SaaS product or you are evaluating a cloud service offering, you need to understand what SOC2 is and how to evaluate a...
Ransomware Attack
Ransomware attacks are not slowing down because ransomware is a profitable business. According to Cybersecurity Ventures, ransomware damages were $20 billion in 2021 and are projected to be $42 billion by 2024.
Securing Cloud Serverless
Here are the best practices for securing cloud serverless architecture: Implement proper access controls: Use identity and access management (IAM) to set up fine-grained permissions for resources and APIs. Secure data in transit and at rest: Encrypt sensitive data and...
Building a Security Governance Program
Security governance is the set of policies, procedures, and standards that an organization establishes to manage its cybersecurity risks. The compliance program ensures the confidentiality, integrity, and availability of its data and assets. To be successful, ensure...
Multi-Factor Authentication (MFA)
Two Factor Authentication: Did you know that you can prevent 99% of account attacks by using multi-factor authentication (MFA)? MFA, also known as two-factor authentication, is one of the most important security measures you can take. 99.9% of account attacks are...