Articles
Segmentation: The Neglected (Yet Essential) Control
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: March 29, 2018
Failure to deploy measures to contain unauthorized intruders is a recipe for digital disaster.
Throughout the past decade, the information security profession has pursued an approach centered around protecting the network perimeter. While this proactive strategy has become the foundation of most enterprise programs, organizations must be equally capable of reacting to attacks by containing intruders once they have entered the network. Although identifying and mitigating perimeter threats is essential, the fact remains that cybercriminals and nation-state actors are, with alarming frequency, defeating the most-hardened networks. Therefore, it is imperative that practitioners acknowledge this dynamic and deploy containment measures to isolate intrusions.
Read More
Risky Business: Why Enterprises Can’t Abdicate Cloud Security
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: July 7, 2017
It's imperative for public and private sector organizations to recognize the essential truth that governance of data entrusted to them cannot be relinquished, regardless of where the data is maintained.
Read More
Customized Malware: Confronting an Invisible Threat
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: March 31, 2017
Hackers are gaining entry to networks through a targeted approach. It takes a rigorous defense to keep them out. How secure is your network from unauthorized access?
Read More
Database Breaches: An Alarming Lack Of Preparedness
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: October 10, 2016
It's no secret that databases are fertile ground for malicious activities. Here's how a seven-step process for monitoring known harbingers of an imminent attack can help reduce the risk.
The recently announced cyberattack at Yahoo, wherein 500 million user accounts were compromised over a period of several months, is irrefutable proof of an alarming reality - databases are under siege and many organizations are incapable of protecting them.
Read More
Data Manipulation: An Imminent Threat
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: September 12, 2016
Critical industries are largely unprepared for a potential wave of destructive attacks.
An approaching cyber storm—one capable of unleashing unprecedented chaos—is looming on the horizon of the United States' public and private sectors. Although experts warn that attackers are poised to launch sophisticated campaigns designed to manipulate financial, healthcare, and government data beyond recognition, our critical industries remain largely unprepared for these potentially destructive attacks.
Read More
Internet Brings Home the Threat of Radicalization
By John Moynihan, President, Minuteman Governance
Written for: Orlando Sentinel
Date: June 23, 2016
The violent events in San Bernardino, Fort Hood and now Orlando prove that terrorist groups are capable of what was previously unthinkable — the ability to radicalize American citizens to carry out attacks within the United States. Global intelligence agencies agree that these groups are now feverishly planning missions designed to inflict instantaneous and lasting damage to our nation through coordinated cyber attacks on our critical infrastructure.
Read More
From NY To Bangladesh: Inside An Inexcusable Cyber Heist
By John Moynihan, President, Minuteman Governance
Written for: www.darkreading.com
Date: March 29, 2016
A spelling error was the tipoff to last month's multimillion-dollar digital bank heist. But could multifactor authentication have prevented it in the first place?
Read More
File Sharing: The Silent Threat
By John Moynihan, President, Minuteman Governance
Written for: www.infosecurity-magazine.com
Date: February 22, 2016
On a daily basis and without the approval of their employers, public and private sector employees secretly transfer various forms of confidential information to cloud-based file sharing services.
Read More
Educate a Workforce Against Cyber Attacks
By John Moynihan, President, Minuteman Governance
Date: July 21, 2015
"Social engineering" overtures are designed to induce employees to act impulsively, thereby executing the installation of malicious software, commonly known as malware.
Read More
Combating the Evolving Malware Threat
By John Moynihan, President, Minuteman Governance
Date: October 1, 2014
How secure is our network from unauthorized access? Any information security or risk management professional has undoubtedly heard this question many times, likely with increased frequency.
Read More
New Rules for Vendor Compliance
By John Moynihan, President, Minuteman Governance, written for http://www.rmmagazine.com
Date: June 1, 2014
If you are a health care vendor, financial or retail service provider, or federal government contractor, additional compliance responsibilities are on your horizon. In response to the unprecedented growth of outsourcing, hosting and contract employment, and in light of several high-profile vendor breaches, regulators have been focusing on the expansive third-party service provider community.
Read More
Data Protection Law - Compliance is Mandatory
Attorney General Martha Coakley recently signaled that the Commonwealth will hold accountable those who fail to protect the personal information of Massachusetts residents. On May 24, the Attorney General announced a $750,000 fine for an organization's failure to implement appropriate safeguards, policies and procedures to protect consumer information, failure to properly train its workforce and failure to execute confidentiality agreements with a third-party vendor.
Read More
Human component remains wild card in data breaches
RE ”HOSPITAL reports a possible data loss: Doctor misplaced drive that had held patient records“ (Metro, Aug. 6): Alas, we learn of another situation wherein a hospital has lost personal information that it was entrusted, and legally required, to protect. In response to this unfortunate incident, the organization states that it will be ”reviewing and augmenting our policies and procedures, and enhancing our training.“
Read More
Data breaches leading to loss of consumer trust
Richard Clarke’s June 15 op-ed ”China's Cyberassault on America“ provides a thoughtful discussion of the prolific increase in data breaches and the potential impact of these events. While I agree with his perspective, his discussion was silent on the main catalyst of these events.
Read More