ControlScan Blog


Posts Tagged: Security Awareness



January 26, 2018Published by

This morning I read that Apple is letting you keep your medical records on your iPhone or Apple Watch and it got me thinking: How secure will this data be? How well will people work to protect their personal health data? I am a cybersecurity guy and I am a skeptic, so let me give you some facts and then some things to think about.

  Read More   


May 21, 2017Published by

Last week was a rough one in the IT world, as organizations around the globe scrambled to avoid being caught up in the WannaCry ransomware attack. If your organization was spared this round, it doesn’t mean you should pat yourself on the back and move on, business as usual. Fact is, most organizations aren’t at a state of security maturity that affords them this level of comfort.Read on for my list of 5 things any IT professional can learn from the WannaCry ransomware attack.

  Read More   


March 31, 2017Published by

Historically speaking, tax season is prime for tax-themed scams and social engineering attacks. Specifically, the number of W-2 phishing scams have peaked recently. Attackers and social engineers begin by targeting finance and HR departments with spear phishing emails that spoof C-level executives and request employee W-2 forms.

  Read More   


March 29, 2017Published by

The popularity of ransomware among cyber thieves continues to grow, not just in America but around the globe. Ransomware victims paid over a billion dollars in 2016 for decryption keys in the hopes that their data would be unlocked. Sometimes it was, sometimes it wasn’t. Read this blog post to learn the five things your business can do now to avoid becoming a victim of ransomware.

  Read More   


December 1, 2016Published by

Employees are one of the most overlooked and most dangerous areas of security risk in an organization. The human element is susceptible to all types of attack and error, not to mention their ability to act with malicious intent.While human security risk can never be completely eliminated, it can be significantly reduced. Read this ControlScan blog post to learn how.

  Read More   


June 6, 2016Published by

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.

  Read More   


May 20, 2016Published by

Your Company is Under Attack Your company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture. The Science Behind the “Pen Test” How do […]

  Read More   


April 4, 2016Published by

Ransomware continues to make news headlines.In response to the growing ransomware threat, government agencies are issuing business alerts to raise awareness and offer guidance. Some of these recent alerts include:United States Computer Emergency Readiness Team (US-CERT) —  “Ransomware and Recent Variants” AlertFederal Bureau of Investigation (FBI) — “Ransomware on the Rise” PodcastAnd here is a […]

  Read More   


March 30, 2016Published by

Do you REALLY know where you stand with compliance and security? Are you faced with the dilemma of digging more deeply into your IT security and compliance posture or simply assuming it’s handled because your providers say they’re PCI compliant? Many online retailers really don’t understand exactly where a provider’s coverage stops and where theirs starts…and […]

  Read More   


February 26, 2016Published by


Taking care to not disclose patient information is critical to the success of any healthcare organization. In this post and accompanying video clip, I discuss the security issues I commonly run across in the healthcare setting, as well as actionable tips for preventing their occurrence.

  Read More   


November 25, 2015Published by

Social engineers play to people’s wants and needs, focusing on the mental triggers that can make a person do something. Learn what you can do to combat it.

  Read More   


November 9, 2015Published by

Today’s unprecedented breach activity—and the high costs breached companies are paying as a result—are causing executive teams to sit up and take notice. Those responsible for organizational IT are finding themselves under increasing pressure to reinforce and report on a strong security posture to stakeholders.

  Read More   


October 23, 2015Published by

Phishing remains a top organizational security vulnerability because it involves the exploitation of human weakness. If you have humans at your workplace—and we all do!—then you are at risk.

  Read More