10 Steps to Proper Employee Offboarding for IT Security

We’ve all experienced or facilitated the process when a company onboards you (as an employee) or you (as an employer) are onboarding a new employee.

Offboarding, on the other hand, has a significant risk to the business if done improperly. Failure to completely outboard could allow former employees to maintain access to secure networks, confidential information, and sensitive company data.

IRS Publication 4557 – Safeguarding Taxpayer Data

CPA firms are lucrative targets for hackers. They store, send, and receive Personally Identifiable Information (PII) for a living. Because CPA firms are especially targeted, the IRS recently released Publication 4557, which  explains the legal requirements tax preparers are subject to and further offers guidance on maintaining compliance (Source). 
What is it about CPA firms that makes them so enticing for hackers looking for an easy victim? 
Financial data.

Bending the Truth on Your Cybersecurity Insurance Application? See How It Cost a Healthcare Provider $4.125 Million.

If you've considered bending the truth or "lies by omission" on your cybersecurity application, we strongly encourage you to reconsider. The consequences can be expensive and far-reaching, as they appear that they will be for Cottage Health (Cottage) (Source).

Cottage carried cyber-insurance from Columbia Casualty (Columbia). By providing false responses to the insurance risk assessment questionnaire, Cottage appears to be facing the consequences without any coverage from Columbia when they were part of a hefty lawsuit.

American’s Stolen Identities Only Worth $8 Per Record on the Dark Web

Like many of us, you’ve probably worried about what it would be like to get your identity or private information stolen. You’re careful with your credit card information, your social security number, and other sensitive information. But have you ever wondered what you’re worth if your information were successfully stolen?

After completing a successful phishing campaign or data breach, cybercriminals sell stolen personal information on the black markets (i.e., the dark web). Researchers from Comparitech analyzed over forty web marketplaces to learn how much PayPal, SSN, and credit card information are worth to cybercriminals looking to sell the information.

New Ransomware Trend “Pay or Get Breached” Is on the Rise

A troubling new ransomware trend is gaining momentum. Known as the “pay or get breached” trend (also called the “double extortion” scheme), it gained a foothold in 2020 and is gaining steam as we begin 2021. 

With more than 550 incidents in the fourth quarter alone, ransomware attackers have not been shy in adopting the “pay or get breached” scheme.