800-810-1885
Home > Blog > Security News

Category Archives: Security News

Assume the Enemy is Already on Your Network and Look for Them

By Bill Dean | Published: May 23, 2013
Bill Dean

Bill Dean

With little modification to their malicious code, Chinese hackers are back in business and U.S. companies need to assume this code is already on their IT networks.

As the information security industry is well aware, the cyber security company, Mandiant, published a paper in February detailing cyber-espionage involving the compromise and intellectual property theft of hundreds of U.S.-based companies.

Not only did the report disclose the origin of the attacks as originating from China, but actually pinpointed the Peoples Liberation Army (PLA), in detail, as the culprit. The Chinese government, with very careful wording, disputed these accusations.

Is there additional information supporting these claims of Chinese cyber-espionage on U.S. companies? As an organization that provides incident response services, our answer is, “Yes.”

When the Mandiant report was published on the heels of President Barack Obama’s executive order for “Improving Critical infrastructure Cybersecurity”,” incident responders applauded the disclosure of what was common knowledge in the incident response community.

This report brought to light to what incident response organizations have been reporting to their clients for years: China is infiltrating your computer networks for long durations of time and obtaining your valued intellectual property. The report also did a great job of simplifying the situation for the needed executive understanding from a business impact perspective.

Once the admiration of the needed disclosure was realized, the incident response community then became somewhat concerned. Over time, incident response organizations had developed successful tools and techniques for identifying this specific threat for our clients. Now that the adversary has been “ousted”, will they raise their game and change their methods making the identification more difficult?

Read More »

Posted in Security News | Tagged | Leave a comment


When Your High Walls and Wide Moats Fail

By Lara Bergman | Published: May 7, 2013

For years, organizations were instructed to diligently protect their perimeter from attackers, but this approach no longer works.

Bill Dean

Bill Dean

Sword & Shield Director of Computer Forensics and Security Assessments Bill Dean says that after many high-profile breaches, most organizations are likely already breached and must make the effort to detect the threats that are already inside.

He will present information on these advanced threats at the Middle Tennessee Cyber Summit on Wednesday, May 8 from 2:30 to 3:30 p.m. The event, held at the Middle Tennessee State University (MTSU) campus May 7-8, will address criminal, intelligence, disruptive, and information cyber threats and is scheduled to include presentations from U.S. Department of Homeland Security, the Tennessee Department of Safety and Homeland Security, the FBI, the United States Secret Service, and private sector cyber security organizations.

Online registration is closed, but walk-up registration will be available at 7.30 a.m.

Read More »

Also posted in Company News, Training | Tagged , , | Leave a comment


Discovery of Confidential Records are Potential Identity Theft Danger

By Lara Bergman | Published: May 2, 2013

Sword & Shield Director of Enterprise Sales Chris Bevil tells WBIR that if confidential medical records that were found outside the now-closed Lakeshore Mental Institute were used for identity theft, it could have serious consequences.

At this point, it’s too soon to tell if this is in fact a security breach.

“We don’t actually know what happened with the information at Lakeshore. If it was actually breached and someone did take that information. There are several things per the HIPAA Breach Notification that would have to occur,” Bevil said.

Also posted in Compliance | Leave a comment


BYOD Is Great for Business, But Is It Secure?

By Lara Bergman | Published: April 11, 2013

Law firms around the country are embracing Bring-Your-Own-Device (BYOD) programs because it allows attorneys to share information with clients quickly on their mobile devices; however, the benefits of using BYOD programs bring with them the risk of confidential client data breaches.

Sword & Shield Director of Computer Forensics and Security Assessments Bill Dean and Catherine Shuck, a senior associate with Wimberly, Lawson, Wright, Davies and Jones, PLLC, will speak to these benefits and challenges at the Knoxville Bar Association’s Law Practice Today Expo on Friday, April 12. Dean and Shuck are scheduled to speak in Room 400A at the University of Tennessee Conference Center from 10:15 to 11:15 a.m.

Dean points out that one of the biggest challenges facing legal IT is the accessing of firm data by personal applications, such as Dropbox-style transfers used to synchronize client data on everyone’s mobile devices. Legal IT must outfit mobile devices with technology that allows encrypted and secure downloads and the storage of client data accessed on the devices via email, legal applications or document repositories.

The legal and financial consequences of data breaches can be profound for a law firm and can include both a loss of reputation and a hit to the firm’s pocketbook.

Dean’s research indicates that 70 million mobile devices are lost or stolen each year and 43 percent of all mobile devices are not password protected. In his speech, Dean will provide information on how to “control the mayhem.” Sword & Shield also offers solutions to help businesses secure their mobile connectivity.

 

 

Also posted in Company News, Events | Leave a comment


Detecting the Threats Already Inside Your Network

By Lara Bergman | Published: March 11, 2013

Two Sword & Shield Experts to Speak at Ohio IT Security Conference

Bill Dean

Bill Dean

For years, organizations were instructed to diligently protect the perimeter from cyber attackers.

But, according to Sword & Shield Enterprise Security’s Director of Computer Forensics Bill Dean, this approach no longer works.

In his luncheon keynote address to the Ohio Information Security Conference on March 13,  Dean, who also serves as Sword & Shield’s director of security assessments, will present, “When Your High Walls and Wide Moats Fail.”

After many high-profile breaches, we are now being told that we are likely already breached and must detect the threats that are already inside. This presentation will discuss methods and tools to detect and disrupt attackers that are already inside our networks.

The 10th annual Ohio Information Security Conference (OISC) will be held at Sinclair Community College’s David Ponitz Conference Center in Dayton, OH. The conference focuses on three areas/tracks: management, technical, and implementation. The audience includes managers responsible for security policy and administrative decisions, and technicians responsible for security implementation and effectiveness.  Register here.

Tickets include access to keynotes and breakout presentations, breakfast, lunch, and parking.  Continuing Education Units (CEUs) are also available.

Bowe_Hoy_Profile_Photo

Bowe Hoy

Sword & Shield Regional Sales Manager Bowe Hoy also will chair a discussion on preparing for and preventing an information security breach, dealing with the occurrence and aftermath of a breach and balancing security breach incident strategy against cost and business performance.

In addition to Hoy, panelists will include Mike Dockery, chief information security officer (CISO) with Cincinnati Financial Corporation, David Sherry CISO with Brown University and Steve Walker, chief security architect with Premier Health Partners.

Also posted in Company News, Electronic Discovery, Security Assessments | Leave a comment


Forensic Expert is Ohio Information Security Conference’s Featured Speaker

By Lara Bergman | Published: February 11, 2013

Sword and Shield Computer Forensics Director Bill Dean has been featured in a Dayton, OH newspaper article regarding his upcoming presentation at the conference. Dean, who is also Sword & Shield’s director of security assessments, will discuss network threats:

From the Dayton Daily News:

The director of forensics for a Knoxville-based information security firm will be the featured presenter on March 13 at Technology First’s 10th annual Ohio Information Security Conference.

Bill Dean, director of forensics and security assessments for Sword & Shield, will discuss threats to company networks at the conference. Founded in 1997, Sword & Shield provides network security services for 3,000 clients in 50 states and 27 countries, according to the company’s web site.

This year’s Ohio Information Security Conference will address the latest information security challenges, changes and trends, according to officials from Technology First, a regional information technology trade association.

Additional speakers at the day-long event include representatives from Microsoft Corp., IO, Gartner, Sogeti USA, Denison University and the American Civil Liberties Union, among others.

The event will be held at the Sinclair Conference Center in Dayton. The registration fee is $175; $150 for members; and $75 for students. To register or for more information, visit www.technologyfirst.org.

Also posted in Company News, Computer Forensics | Leave a comment


Arming Yourself in the Fight Against Payment Fraud

By Lara Bergman | Published: January 17, 2013

Payment FraudDon’t wait until you become a victim of payment fraud to learn how fraudsters operate.  Knowing what fraudsters are accomplishing and how they are affecting the majority of businesses today can help you protect your company’s most valuable assets.

Please join Sword & Shield Director of Computer Forensics and Security Assessments Bill Dean and Fifth Third Bank’s Vice President of Deposits & Liquidity Mohamed Siraj as they reveal today’s most common payment fraud practices, from phishing, malware, and keyloggers, to check, wire, and ACH debit fraud.  You will also learn about tactics and tools to help you build your greatest possible defense.

There are two dates available for this webinar: Wednesday, Jan 23 and Thursday, Jan. 24 from 1 to 2 p.m. EST.

In this online seminar, you will:

  • Understand the latest threats and emerging trends in phishing and other cyber attacks
  • Identify and help mitigate risks to your organization
  • Learn comprehensive and continuous processes to help protect your organization

Register today.

 

 

Also posted in Training | Leave a comment


HHS announces first HIPAA breach settlement involving less than 500 patients

By Lara Bergman | Published: January 3, 2013

The Hospice of North Idaho (HONI) has agreed to pay the U.S. Department of Health and Human Services’ (HHS) $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This is the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals.

The investigation conducted by the HHS Office for Civil Rights (OCR) followed a breach report submitted by HONI as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act reporting the theft of a laptop computer containing the ePHI of 441 patients.  Over the course of the investigation, OCR discovered that HONI had not conducted a risk analysis to safeguard ePHI.  Further, HONI did not have in place policies or procedures to address mobile device security as required by the HIPAA Security Rule.  Since the June 2010 theft, HONI has taken extensive additional steps to improve their HIPAA Privacy and Security compliance program.

Read the complete story here.

Sword & Shield provides a number of services to ensure your organization complies with the HIPAA Security Rule, including a risk analysis that explains the risks associated with protecting your ePHI. For more information, visit our HIPAA Compliance page.

Also posted in Compliance | Tagged , | Leave a comment


Dean Speaks at IIA Meeting Thursday, Dec. 6

By Lara Bergman | Published: December 6, 2012

Sword & Shield Director of Computer Forensics and Security Assessments Bill Dean will explain how to assess and audit cloud environments at the Knoxville, TN chapter of the Institute of International Auditors luncheon on Thursday, Dec. 6 from 11 a.m. to 2 p.m. at the Outback Steakhouse on North Peters Road.

For various reasons, more and more organizations are moving data, systems, and applications into the “cloud”. However – and alarmingly, companies are still trying to figure out what the “cloud” actually is after the migration has already occurred. What is the “cloud”? What is the big deal? What are the biggest issues? How do we assess/audit these environments? What are the most important questions to ask? What technologies are emerging to help us? Dean will address these questions during his 2-hour presentation and will provide confidence moving forward into these environments.

Dean has more than 15 years of experience in the technical field in roles such as programmer, systems support, enterprise systems design and engineering, virtualization, digital forensics and information security. In 2005, he was recognized as the primary architect for an Intel virtualization/server consolidation project and was awarded Network World’s “Enterprise All Star”and “InfoWorld’s Top 100 Projects”. Since that time Dean has focused his career on the specialties of information security, electronic discovery, digital forensics, and incident response. Dean served as the technical expert and provided Federal Court testimony in the 7th largest eDiscovery case in 2007 and is an expert witness involving a wide variety of issues involving computer forensics.

Also posted in Events | Leave a comment