ControlScan Blog

Posts Tagged: Security Awareness



  1. Home
  2. ControlScan Blog
  3. Posts Tagged: Security Awareness

Cybercriminals are Taking Advantage of Coronavirus Fears

March 18, 2020Published by

With an immense amount of FUD (fear, uncertainty, doubt) circulating regarding coronavirus/COVID-19, cybercriminals are playing on those emotions and have already begun to alter their attack methods, patterns and content. We have received multiple reports from our customers, along with threat identification in our SOC, of attackers using coronavirus-related messaging in their phishing attempts for email compromise and malware/ransomware infection.

  Read More   

Healthcare Data on Your Mobile Device

January 26, 2018Published by

This morning I read that Apple is letting you keep your medical records on your iPhone or Apple Watch and it got me thinking: How secure will this data be? How well will people work to protect their personal health data? I am a cybersecurity guy and I am a skeptic, so let me give you some facts and then some things to think about.

  Read More   

Phishing Attempts: Increasingly Prevalent and Sophisticated

November 17, 2017Published by

When they’re successful, phishing attempts can have a significant impact on you personally, as well as on your workplace. They begin innocently enough—a seemingly legitimate DocuSign request or email from a friend—but they can quickly turn your world upside down.Avoid becoming a victim of phishing by following these 3 best practices.

  Read More   

Minimizing the Human Impact on Data Security

August 28, 2017Published by

These days many organizations do not feel confident about their ability prevent a data breach, mainly because they feel they can’t trust the humans working for them. And for good reason! Cyber criminals continue to exploit the human element, which was blamed for over 400 reported data breaches and 7.6 million+ compromised records in 2016.Regardless of whether the employee is knowingly part of a malicious effort, or is inadvertently involved in allowing an intrusion or other form of unintended disclosure, a breach of valuable data is not what you want to have happen. Therefore, you must minimize the human impact.

  Read More   

The WannaCry Ransomware Attack: 5 Things IT Pros Can Learn

May 21, 2017Published by

Last week was a rough one in the IT world, as organizations around the globe scrambled to avoid being caught up in the WannaCry ransomware attack. If your organization was spared this round, it doesn’t mean you should pat yourself on the back and move on, business as usual. Fact is, most organizations aren’t at a state of security maturity that affords them this level of comfort.Read on for my list of 5 things any IT professional can learn from the WannaCry ransomware attack.

  Read More   

Social Engineering: Don’t Fall Victim to Tax Phishing!

March 31, 2017Published by

Historically speaking, tax season is prime for tax-themed scams and social engineering attacks. Specifically, the number of W-2 phishing scams have peaked recently. Attackers and social engineers begin by targeting finance and HR departments with spear phishing emails that spoof C-level executives and request employee W-2 forms.

  Read More   

Five Things You Can Do Now to Avoid Ransomware

March 29, 2017Published by

The popularity of ransomware among cyber thieves continues to grow, not just in America but around the globe. Ransomware victims paid over a billion dollars in 2016 for decryption keys in the hopes that their data would be unlocked. Sometimes it was, sometimes it wasn’t. Read this blog post to learn the five things your business can do now to avoid becoming a victim of ransomware.

  Read More   

Reviewing Human Security Risk in Your Organization

December 1, 2016Published by

Employees are one of the most overlooked and most dangerous areas of security risk in an organization. The human element is susceptible to all types of attack and error, not to mention their ability to act with malicious intent.While human security risk can never be completely eliminated, it can be significantly reduced. Read this ControlScan blog post to learn how.

  Read More   

The Secret to Making Compliance Suck Less

June 6, 2016Published by

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.

  Read More   

Get Ahead of the Bad Guys with Penetration Testing

May 20, 2016Published by

Your Company is Under Attack Your company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture. The Science Behind the “Pen Test” How do […]

  Read More   

        Featured        

“Can You Buzz Me In?” – An Invitation to a Security Breach

April 12, 2016Published by



Chances are you’ve helped someone get into a building without verifying whether or not they should be allowed in, or even asking if they had a legitimate reason for being there. It might have been at a hotel, or the building in which you work, or a building where you had a meeting. […]

  Read More   

Businesses Alerted to Ransomware Threat

April 4, 2016Published by

Ransomware continues to make news headlines.In response to the growing ransomware threat, government agencies are issuing business alerts to raise awareness and offer guidance. Some of these recent alerts include:United States Computer Emergency Readiness Team (US-CERT) —  “Ransomware and Recent Variants” AlertFederal Bureau of Investigation (FBI) — “Ransomware on the Rise” PodcastAnd here is a […]

  Read More   

IT Security in E-Commerce

March 30, 2016Published by

Do you REALLY know where you stand with compliance and security? Are you faced with the dilemma of digging more deeply into your IT security and compliance posture or simply assuming it’s handled because your providers say they’re PCI compliant? Many online retailers really don’t understand exactly where a provider’s coverage stops and where theirs starts…and […]

  Read More   

Preventing Incidental Disclosure and Other PHI Data Loss [Video]

February 26, 2016Published by


Taking care to not disclose patient information is critical to the success of any healthcare organization. In this post and accompanying video clip, I discuss the security issues I commonly run across in the healthcare setting, as well as actionable tips for preventing their occurrence.

  Read More   

Next »



Back to Top