FoxPointe Security Hub

As was originally reported by the technology website Ars Technica and by several Albany, NY-based business and news publications such as Times Union, an Albany-based accounting firm recently suffered a ransomware attack most likely from the ransomware ring known as Maze. Maze and other ransomware…

While the majority of America’s attention is undoubtedly currently focused on issues of race and the ongoing COVID-19 pandemic, two weeks ago, India made a decision that has far-reaching global implications. In a press release issued on June 29th, the Press Information Bureau of India…

Our globe is linked through a fragile network that deals with healthcare, government, banking, and corporate data, while DoS attacks, website defacement, and other cyber-attacks are on the rise. The number of phishing attacks alone has skyrocketed over the last few years. Cyber Risk By the Numbers…

COVID-19 has introduced many challenges to personal and professional lives. While we continue to adapt, we must remember to continue to perform sound security and privacy practices, including when it comes to vendor management. We look to vendors as trusted partners for many aspects of our supply…

The 2020 Global Security Report, issued by cybersecurity and managed service provider, Trustwave, is an annual report detailing facts and trends observed in the world of information security. This annual report analyzed the threats and statistics observed throughout the world in 2019, and the…

The toll on life in the United States and the world left by COVID-19 has been great. The impact on our families, health, businesses, and the world economy will be felt by many for years to come. Hospitals of every type — private and public, urban and rural — are especially paying a heavy…

You know you are living in a crazy time when there is a pandemic consuming the entire world and it mysteriously causes all the toilet paper to disappear off the shelves. But the true indication of craziness is when Apple and Google, notorious technology rivals, come together for the common good and…

As part of our everyday lives, both in and out of the workplace, having a heightened awareness for information security is getting more important by the day. As innovation in technology heavily influences how our government, business, and day to day lives operate, new potential methods of…

In all of my years in information technology and information security, I was trained to reduce the risks of a computer virus. Never in my wildest imagination did I think I would have to deal with risks related to a different type of virus – a biological one. While it may not be apparent at a…

This past December, the Office of the Comptroller of Currency (OCC) released the fall edition of its Semiannual Risk Perspective, a report that addresses key issues facing Financial Institutions, focusing on those that pose threats to the safety and soundness of banks and their compliance with…

CrowdStrike, an industry-leading next generation anti-virus software as a service solution provider, recently published a report of its observations from its incident response investigations that it conducted during 2019. The report is the product of numerous investigations, pulling in data from a…

Investment risk management is ultimately about protecting and growing your assets over your time horizon. This involves addressing the aspects of your investment program that can be controlled and then minimizing your exposure to what cannot be controlled. Information Technology (IT) risk management…

The healthcare industry is one of the biggest targets of cybersecurity attacks, both domestically and internationally. With the amount of private data that these organizations have, including protected health information (PHI), healthcare organizations should learn from previous attacks and/or…

Two weeks ago, the United States launched an air strike targeted at the Iranian Military and subsequently led to the assassination of the Iranian military leader Qassem Soleimani. In a response from Esmail Ghaani, Soleimani’s replacement as the head of the Iranian Army, promised harsh revenge…

Last week, the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) released a joint alert focused on notifying financial institutions that an increasing number of cyberattacks utilizing the…

HITRUST puts on regular webinars to help educate individuals on the components, tools, and programs offered by the organization. As a HITRUST CSF Assessor, we make it a point to attend these webinars to stay up-to-date on the latest information. The webinar I listened to on 12/11 covered…

On the heels of New York passing the Stop Hacks and Improve Electronic Data Security (SHIELD) Act in September 2019, the IRS issued a warning to tax preparers and accounting firms to ensure that they appropriately secure their customer data against the “evolving” and…

Recently, HITRUST established a new quality assurance (QA) subcommittee of its Board of Directors and introduced several new assurance advisories. These updates impact Certified Common Security Framework Practitioners (CCSFP), individuals who have completed and maintained training and certification…

In the not so distant past, the threat of a person or people stealing money or assets from your business was limited to a lack of physical security or a malicious employee. Businesses utilized safes, video surveillance systems, internal controls and audits to keep their...

Today marks the beginning of National Cybersecurity Awareness Month. From CEOs to college students, cybersecurity is on everyone’s radar; and cyberattacks aren’t going away anytime soon. For businesses, it’s not a matter of if a breach will occur but when – an incident is…