Courion Corporation

The Government Under Cyber Attack & A Hit To The #IoT: It's #TechTuesday!


2015 Mid Year Trends in Cyber Security


Every January, our blog feeds and magazine headlines are full of the top 5, 10, or 20 trends for the coming year; do we ever hear if they were right? How did those things impact our industry? Did our diligence in these subjects really pay off? Rather than giving you five more things to look out for, I'm taking a look back on what the experts highlighted for 2015 to discuss both how they have impacted us so far and if/how your focus should shift for the remainder of the year.

Here is a list of my 2015 mid-year trends to watch:

1. Passwords

We all know that the biggest headache for any security team lies within employee credentials. So far this year we have seen breaches at OPM, Anthem, and UCLA Health, which total close to 30 million compromised records. Even the services that supposedly keep our passwords safe aren't immune, as we saw in the case of the LastPass breach.

These hacks, along with the thousands of others we don't hear about, prove that passwords and other credentials are more valuable to hackers than ever. I believe this will lead to the implementation of multifactor authentication. Companies like Apple already have two-factor authentication in place, using the thumbprint scan as an additional password option for banking and other applications. I believe that not only will more personal applications begin to use this for their customers, but also that security teams will introduce multifactor authentication for access to their companies' sensitive data.

2. Internal Breaches

We've already discussed the different breaches of Anthem, LastPass, UCLA and OPM; one thing they have in common is that all were breached within the past six months, and all were breached from the inside. This trend isn't going to stop because people are continuously finding ways around the firewall.

Am I saying to forget your firewall? Of course not. Everyone needs a fence around their important property and that’s what the firewall does. However, with the rising trends of outsourcing, consulting, interns and other non-employee access, you exponentially increase your risk by providing access that isn't always managed correctly and/or shut off when needed. Keeping an eye on your user access is more important than ever and I see the call for real-time monitoring taking over by the end of the year.

3. Ransomware

Last year, we saw the first major instance of ransomware with the breach of Sony Pictures. The hackers held information and released it slowly while asking Sony for a ransom in order to stop the leak. This year we have seen ransomware take center stage again, most recently with the breach of 4 New Jersey online casinos whose information was held in exchange for a bitcoin ransom.

While this was clearly an issue for the targeted casinos, it opened up an even larger threat surface. This breach has the potential to affect not only the ransomed casinos but anyone in the city who shared the same ISP. Were the other companies on that ISP not as lucrative as the casinos? Maybe not today. However, this shows us the power of hackers and their ability not only to steal our information but to use it against us.

4. Internet of Things & Bring Your Own Device Risks

The Internet of Things (IoT) has become one of the hottest topics in the industry, but how has it affected us so far? While the issue of smart refrigerators, coffee makers, etc. might not be showing up in your office yet, the IoT is alive and well and showing itself most often in your employees' devices.

Employees bringing their own devices doesn't just mean smart phones or tablets; now we have smart watches, wearable fitness devices, and more. With constant Bluetooth upload, these devices not only change how we consume personal data but also open a window into our company's data and the portals where we are connected. It is estimated that these devices numbered 21M in 2014 but will increase to 150M by 2019 – a 48% increase. The IoT and bring your own device issues I see in the near future are as simple as "will hacking your Apple watch affect entry into your organization?"

5. Cyber-warfare

North Korea didn't want to see "The Interview" — and while I don't blame them — I also think that a massive breach of Sony Pictures was a bit over the top. While this may have been the first widely publicized nation-state breach, it is far from the first time one country breached another.

Last month's HackingTeam breach shows a list of customers ranging from over 10 different governments, including several US agencies such as the DEA, FBI, and Department of Defense. Mix this with the allegations that the OPM hack was instigated by China and we have a whole new issue. Will hacking tools be defined as the new weapons of mass destruction?

 While these certainly weren’t the only trends to watch in 2015, they were consistently mentioned by industry experts. I happen to agree that these five issues are ones to watch and will continue to evolve and change how we do business. 

However, these aren't the only risks that we are seeing now, nor are they the only ones to affect our future. If you are worried about the risks you face in your organization or how to protect yourself against these risks, comment below, contact us at info.courion.com or tweet us @courion. 

Cyber security for Planes, Bikes, & Cars: Your #TechTuesday Roundup



Pro cycling, the automobile and airplane industries take a stand against hacking in this week's #TechTuesday blog. We also look into new survey results and talk about what's really keeping security executives up at night. Come one, come all, it's time for the weekly roundup!

Hacking in Professional Cycling  

It started with baseball; now it looks like another sport has been infiltrated by hackers. Team Sky, a professional cycling team competing in the Tour de France, has come forward with allegations that critics hacked into their system and stole training data for one of its cyclists. Watch the video for the full story. Saul O'Keeffe, Itsecurityguru.com

Automobile Industry Gears Up For Cyber-Threat Intel-Sharing 

Is this a sign companies are finally realizing that security goes in the development stage and not after implementation?

According to this article, "more than 60% of all new vehicles by 2016 are expected to be connected to the Internet" so several car manufacturers have joined to form an alliance to help secure systems in our cars. Kelly Jackson Higgins, Darkreading.com


United Airlines Pays Man a Million Miles for Finding Bug

A few months ago, United Airlines launched a "bug-bounty program" which invited anyone and everyone to try and hack into their systems for a reward of one million miles. Well, the company met its match in Jordan Wiens. Read on for more on the program, Jordan, and the safety of flight systems. Kim Zetter, Wired.com

Here are all of the crazy illegal things for sale on the hacker forum the Feds just shut down


Darkode is no more! While this is a very "1 down, 800 to go" situation, let's celebrate and marvel at some of the crazy illegal things they had for sale. Cale Guthrie Weissman, Businessinsider.com

What's keeping security experts awake at night?

Spending money on security and still seeing breaches? You aren't alone.

According to Vaas, "enterprises are throwing lots of money, time and staff at security, but it's not hitting the things that truly worry security experts." Our question is, are these really the issues that worry you? Let us know in the comments or tweet us @Courion. Lisa Vaas, Nakedsecurity.com

Assessing the Risk of Identity and Access


Here at Courion, our mission is to help customers succeed in a world of open access and increasing threats. We want to make sure that the right people have the right access to the right resources and that they are doing the right things with those resources. The question becomes, how does an organization assess those threats and gauge the risk it faces from both internal and external forces? Moreover, how do you plan for that risk and put in place processes to help detect, identify and manage the risk?

With an increasing number of computers and other devices, and an increase in the ways in which users access resources, monitoring and managing complex user access rights becomes harder every day. The stresses and strains of access can come from all over, but the most common offenders are:

-  Routine changes such as hiring, promotions or transfers 

-  Infrastructure changes such as mobility, cloud adaptation, system upgrades, or new application rollouts

-  Business changes such as reorganizations, the addition of new products, or new partnerships

In addition to the stresses from business change, there are an increasing number of government regulations that require compliance, regardless of industry. From healthcare to banking, these regulations climb into the hundreds and assuring that you are fully compliant is more difficult than ever. This increase in regulations along with the increase in complexity of access rights makes identity and access governance a red hot priority.

Want to know more about how Identity and Access Governance can help lessen your risk? Read more by downloading our eBook and learn about: 

-  How to remain compliant with an IAM solution
-  Preparing for an attack
-  Automated provisioning
-  And more  

From Sense of Security to Smartphone Hacking: Our #TechTuesday Blog


Four online casinos were asked to pay bitcoin ransoms to avoid cyber attacks
In a move that would make Danny Ocean proud, a new crop of casino robbers has left the Vegas strip and found new success online. According to the article, "four New Jersey-based casinos were asked to pay a bitcoin ransom after being hit with distributed denial-of-service attacks." While it lacks the finesse of Ocean's 11, it does sound a lot easier than breaking into the Bellagio. Stan Higgens, Coindesk, Businessinsider.com

Email worries: providers name their top health data security risks
A few weeks ago, we brought you a blog on Healthcare's Unique Security Challenges, and it looks like we aren't the only ones diving into ways to increase security. The Advisory Board Company named email worries, compromised applications, and hackers as three of the top health data security risks. Read more to see if you agree. Advisory.com 

It's time we stopped calling Millennials "dumb" about data privacy
Full disclosure: I am a Millennial, so it's no surprise that I agree with this article. However – putting my bias aside – I think this is a great look into why security teams shouldn't confuse this generation's sense of self with its sense of security. John Zorabedian, nakedsecurity.com

Hacking Team 0-Day Shows Widespread Dangers of All Offense, No Defense
You've heard the old saying "the best offense is a good defense" and this article agrees. With last week's Hacking Team breach, we saw how the issue of strong password practices once again can help keep you safe. Read more on passwords and how to #DefendfromWithin. Sara Peters, Darkreading.com

The insane ways your phone and computer can be hacked-even if they're not connected to the internet
Do you know what's inside your smartphone? Learn about how these tiny machines can give away even more of your information than you thought possible as well as seven other ways your phone and computer can be hacked. Cale Guthrie Weissman, Businessinsider.com



4 Ways to Defend Against Internal Security Attacks


This week the popular blog "Global Accountant" posted an article titled "The Cyber Threat Within- A Third of British Accountants Breach IT Policies". One third? Sad, but true. The article goes on to state that one of the biggest threats for cyber-attacks comes from inside their network due to employees ignoring their IT policy. Would you believe that over 40% of these accountants knew their IT policy but chose to ignore it? 

What are they thinking? Don't they know better? Lifeline IT co-founder and Director, Daniel Mitchell, is quoted saying, "It’s clear that the majority of accountants are security conscious about IT on the home-front but have a different attitude at work."


This got me thinking - if one-third of your staff is breaching your IT policy, then what can you do to defend within? How do you protect your intellectual property when everyone has access and too many people aren't thinking about the consequences of their actions?

There are four ways that you can defend against internal attacks and we share them with you today.

1. Role-Based Access

With hundreds or thousands of users on your network, it can be overwhelming to try to provision everyone with the correct access in a timely fashion. With people moving into your system every day, it quickly becomes a game of numbers and/or unique identifiers, all sending in requests for access they think they need. The result is a backlog of requests, a long wait for access, and too often unnecessary access rights being granted, leaving you vulnerable to a breach.

Rather than dealing with these headaches, you could handle provisioning through role-based access. This way, if you are a member of the development team and you go online to request access to network systems, you are led to the development applications rather than having to pick and choose from each and every application in the company. If you apply for an application that is within your role, you are instantly granted access rather than waiting on approval for something as simple as email. Not only does this save time for users by helping them choose what to ask for, but it also helps to eliminate excessive access requests, giving only the right people access to your critical applications.

2. Access Management

Every organization, no matter how big or small or what industry you are in, has the same three types of users: Joiners, Movers and Leavers. What do each of these have in common? 

They need to have their access immediately changed with their status. Joiners need access to systems such as email, time cards, and internal network files on the day they start. Movers need to have access rights changed as soon as their role changes. While these two users are important to your organization, the most important to your security are the Leavers.

In a study by scmagazine.com, 1 in 5 employees still have access to the internal systems of their previous jobs. 1 in 5! When an employee is terminated, regardless of reason, they need to have their access immediately terminated. Is your system set up to handle this?

3. Segregation of Duties

Wouldn’t it be great to be able to set and approve your own budget? What about requesting and approving a purchase order? While this does sound dreamy, it also sounds like a nightmare for your finance department. In order for your organization to uphold the checks and balances of its systems, from budgeting to systems access, there needs to be segregation between requestors and approvers.

When you assign Segregation of Duties at the beginning of your project, you are essentially defining what each user is and is not allowed to do, and putting in place barriers to keep these issues from happening.

4. Real-Time Monitoring

Auditing is most likely your least favorite time of the year. However, the fact that you only audit once or twice a year means that you are only giving yourself one or two chances to find errors in your system. With real-time monitoring, like the monitoring with an intelligent IAM system, you can see into your system at any time as well as be alerted when things look wrong. If four new users are granted access to a critical application in one week, would you notice? With real-time monitoring you would be alerted to this event so that you can investigate and mitigate the risk of a breach.
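The checks described in sections 2 to 4, written as code over an access-change log. This is an added example, not Courion's product or code; the event fields, user names and dates are constructed, and the threshold of four grants in seven days is taken from the question in the paragraph above.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: (timestamp, action, user, app, requester, approver).
# The field layout is an assumption, not the format of any real IAM product.
EVENTS = [
    ("2015-07-06T09:00", "grant",  "alice", "payroll", "alice", "mgr1"),
    ("2015-07-07T10:30", "grant",  "bob",   "payroll", "bob",   "mgr1"),
    ("2015-07-08T11:15", "grant",  "carol", "payroll", "carol", "carol"),
    ("2015-07-09T14:00", "grant",  "dave",  "payroll", "dave",  "mgr2"),
    ("2015-07-10T08:45", "grant",  "erin",  "email",   "erin",  "mgr2"),
    ("2015-07-20T16:00", "revoke", "alice", "payroll", "hr",    "hr"),
    ("2015-07-28T09:00", "grant",  "frank", "payroll", "frank", "mgr1"),
]
# Constructed HR feed: user -> termination time (the "Leavers").
TERMINATIONS = {"alice": "2015-07-20T12:00", "bob": "2015-07-15T17:00"}
CRITICAL_APPS = {"payroll"}


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M")


def sod_violations(events):
    """Segregation of duties: a grant whose requester also approved it."""
    return [(user, app) for _, act, user, app, req, appr in events
            if act == "grant" and req == appr]


def grant_spikes(events, critical_apps, threshold=4, window=timedelta(days=7)):
    """Real-time monitoring: alert once per critical app when `threshold`
    distinct users were granted access within a sliding `window`."""
    by_app = defaultdict(list)
    for ts, act, user, app, *_ in events:
        if act == "grant" and app in critical_apps:
            by_app[app].append((_ts(ts), user))
    alerts = []
    for app, grants in by_app.items():
        grants.sort()
        start = 0
        for end in range(len(grants)):
            # Drop grants that have fallen out of the window.
            while grants[end][0] - grants[start][0] > window:
                start += 1
            users = {u for _, u in grants[start:end + 1]}
            if len(users) >= threshold:
                alerts.append((app, grants[end][0].isoformat(), sorted(users)))
                break
    return alerts


def leaver_access(events, terminations):
    """Access management for Leavers: replay the log and return
    (entitlements still held by terminated users,
     {entitlement: hours between termination and revocation})."""
    active, late = set(), {}
    for ts, act, user, app, *_ in sorted(events, key=lambda e: _ts(e[0])):
        if act == "grant":
            active.add((user, app))
        elif act == "revoke":
            active.discard((user, app))
            if user in terminations:
                lag = _ts(ts) - _ts(terminations[user])
                if lag > timedelta(0):
                    late[(user, app)] = lag.total_seconds() / 3600
    still_active = sorted(k for k in active if k[0] in terminations)
    return still_active, late


if __name__ == "__main__":
    print("Self-approved grants:", sod_violations(EVENTS))
    print("Grant spikes:", grant_spikes(EVENTS, CRITICAL_APPS))
    print("Leaver access (active, late hours):", leaver_access(EVENTS, TERMINATIONS))
```

On the sample data this flags carol's self-approved grant, four payroll grants inside one week, bob's payroll access that was never revoked, and a four-hour gap before alice's access was removed.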

5. Build a Security-Aware Culture

This tip is a freebie. One of the best ways you can protect against a breach in your system is by building a security-aware culture. In Global Accountant’s article, they mentioned that 42% of the accountants knew the IT policy. That means 58% of them didn’t know the policy. Educated users make better decisions. By building a culture that is aware of the risks to themselves and the company, you expand your security team exponentially. When your organization buys in to your security strategy, they become more aware of risks, take more precautions against them and become a new line of defense against attacks.

Are you currently monitoring these four internal risk factors? Have you experienced a breach by not following one of these? Do you even know what risks are currently in your system?

With an Identity and Access Management solution, you can keep up with all of these risks and more at the same time. Using our solutions, we can perform a quick scan of your system and tell you where your risks lie and how you can protect against cyber-attacks.

For more information on how to manage risk in your organization or to have a quick scan of your current systems, contact us today at info@courion.com.

This week went a little password security crazy, and we like it.


Happy #TechTuesday everyone! This week went a little password crazy, and we like it. Which method would you take to protect your password and how easy do you think it will be to hack these new processes? Let us know in the comments or tweet us @Courion.


Medium is doing away with passwords- and its new method for logging in is shockingly simple.

We know that stolen credentials are the number one headache for security teams, and a lot of that has to do with the ease with which passwords are hacked. Medium is taking away the typical password and will now use your email address to send you a link to log in, much like a password reset tool. While Medium claims this will be more secure, is it worth the extra time to log in?

Cale Guthrie Weissman, BusinessInsider.com


MasterCard will approve purchases by scanning your face

I'll admit it, this is my favorite news article of the week. Did you think the fingerprint scanner on your iPhone was cool? Well MasterCard is taking it a step further by allowing you to approve purchases by scanning your face. Marketed for the new "selfie generation", MasterCard believes that this will cut down on user fraud. Just make sure you're not having a bad hair day.

Jose Pagliery, @Jose_Pagliery, CNN Money


Windows 10 Wi-Fi password-sharing feature criticised as a security risk

Have you seen the decorations proclaiming "Home is where your Wi-Fi connects automatically"? Well Microsoft is going a step further by allowing anyone who gets your Wi-Fi password for their PC to potentially let all of their friends onto your network as well. These "friends" could be of the Facebook, Outlook, or Skype variety. Microsoft says it’s a security feature, not a flaw; what do you think?



7 Ways to Reduce your Cyber Attack Surface


Tech Tuesday - From Encryption to BYOD Security



Pita Bread Helps Researchers Steal Encryption Keys

In possibly the most delicious hack ever, a team of Israeli security researchers at Tel Aviv University have developed a way of stealing encryption keys using a cheap radio sniffer and a piece of pita bread. Truly a sight to see.

Lee Munson, NakedSecurity.com


Polish airline, hit by cyber-attack, says all carriers are at risk

Flight delays just got a little more advanced. A Polish airline was hit by a cyber-attack grounding around 1400 planes. There was never any danger to passengers because the attacks happened while no planes were in the air. However, the company says that the hack could happen to anyone, at any time making this a worldwide issue.

Wiktor Szary and Eric Auchard, Reuters.com


Details and insight for VARs: Medical Devices and Security Risk

If you liked last week's blog about the unique challenges facing healthcare today, then you'll love this look into how medical devices are becoming "key pivot points" in the war against hackers and cyberattacks.

Megan Williams, Business Solutions- bsminfo.com


The great debate: To BYOD or not to BYOD

Do you BYOD? As if security wasn't already difficult enough to control within your network and its devices, now security teams have to worry about the exponential threat of “bringing your own device”. This article gives 8 best practices for BYOD security and an insightful look at this new challenge.

Keith Poyster, ITPortal.com 

Healthcare's Unique Security Challenges


In the past few weeks, the U.S. Government has repeatedly been in the news for its recent hack—allegedly by the Chinese—which leaked over four million personnel records. However, this wasn't the only group infiltrated by Chinese hackers in the past few months; according to the popular blog Mashable, over four million medical records were also stolen. This hack exemplifies a growing concern and a new set of challenges for healthcare organizations surrounding the use of digital records. Now that healthcare records are all digitized and shared over networks and multiple devices, these records have become very valuable to criminals while hospitals, clinics and other organizations are still trying to find the best way to protect them.

While the issues surrounding digital records and possible breaches are the most often reported, they are not the only challenge unique to healthcare organizations. Aside from keeping your records safe, organizations must concern themselves with personnel issues such as the need for multiple people to have access to records. Not only do doctors and nurses need access to patient records but now the billing department, insurance companies and regulatory committees do as well. Some of these positions can easily be credentialed with role based access; some of them are temporary employees or work across different functional areas and need access to different things at different times. It is hard for the organization to maintain proper access control and security with so many unique needs.


On top of the multiple user access requests are the multiple devices that the information needs to be available on. No longer are records and information kept behind the nurses’ station in folders or on desktops; now healthcare professionals are using multiple laptops, tablets, phones, and other mobile devices in their practices. Provisioning all of these devices for any new employee can take days—if not weeks—to get up and running. There is also the need to be able to remotely wipe access to all information if the device is lost or stolen. According to the most recent Healthcare Breach Report from Bitglass, 68 percent of all healthcare data breaches since 2010 were due to device theft or loss. It is extremely difficult to roll out a process that would cover all of these needs on so many different devices.


One last issue highlighted in the news recently is the vulnerability of specialized medical equipment to be hacked. In another Mashable article, it is reported that drug pumps may be hackable in fatal ways because they enable a hacker to increase or decrease the dosage of drugs. One of the reasons it's so hard to regulate these devices is because they are on a closed loop and can't be easily scanned for malware. The IT department cannot add software because it is an FDA issue and therefore the hospital has a hard time monitoring. So how is the security team supposed to monitor devices that they do not have full access and transparency to? For that matter, how is one team going to maintain visibility into all of the moving pieces of infrastructure and personnel in their organization?

The best way to mitigate these risks is to implement an Identity and Access Management (IAM) solution. These solutions are known to improve accuracy through their automated provisioning policies and are also instrumental in providing transparency into all access and credentials in an organization. An IAM program helps with personnel risk by giving role-based access and visibility into all roles and credentials of any individual. It will also automatically grant credentials to any new employee across all devices and will take away that access once he or she is terminated. This provisioning or de-provisioning can be done by any verified owner/administrator both on a desktop and on any mobile device, making the speed and scalability of the project fit to any organization's needs.


The risks for healthcare organizations will continue to grow as both the Internet of Things and the sophistication of hackers mature in the next few years. IAM solutions are driven by real-time data that allow you to make the most informed decisions possible. Imagine having information on what accounts were most at risk so that you could monitor the risk of data breaches; what if you could automatically wipe sensitive data from a laptop when your doctor forgot it on the plane? IAM solutions can allow you to mitigate these risks and give you visibility into your systems. While the risks and attacks will never stop coming for your organization, with IAM, you will have the ability to recognize these attacks sooner and fight back.

