Towerwall's InfoSec Blog

The average cost of a data breach involving fewer than 10,000 records was $5 million The American public has become so inured to data breaches that it’s difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo in 2014.

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we're going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs. These concepts are encapsulated in CSCs 4, 5, and 6. You should develop stringent policies, consider devoting resources tofalse

Once again, the Information Security Summit hosted by Towerwall and MassBay was a resounding success. Hundreds of attendees and vendors participated in diverse data security panels and networked with industry leaders and peers. The Summit opened with Michelle Drolet, CEO of Towerwall, and Shamsi Moussav, Computer Science Professor at MassBay Community College, presenting scholarships to MassBay students Kirk Barge and Julius Newton. Michelle Drolet said,

secuProvided by William Gallagher Associates Insurance Brokers, Inc. News broke last week that Anthem, the nation’s second-largest health insurance carrier, was the victim of a data breach by external hackers. This breach affects both current and potentially former clients of Anthem. WGA is monitoring the situation on an ongoing basis, and here is what we know at this point. Anthem is working with the FBI to determine the extent of the compromised data. To provide members with the most currentfalse

Our Michelle Drolet is quoted in NetworkWorld's article "Are mobile apps putting your data at risk?". Read more below:

The funkily-named bug of the week is GHOST. Its official moniker is the less catchy CVE-2015-0235, and it's a vulnerability caused by a buffer overflow in a system library that is used in many, if not most, Linux distributions. A buffer overflow is where you assume, for example, that when you handle a four-byte network number written out as decimal digits, you will never get anything longer than 255. 255. 255. 255. That takes up 15 characters, so you may decide that you'll never need more thanfalse

Anthem, the nation's second-largest health insurance company, is the latest target of a security breach. Eighty million customers, including the company's own CEO, are at risk of having their personal information stolen. VPC SAN FRANCISCO - As many as 80 million customers of the nation's second-largest health insurance company, Anthem Inc., have had their account information stolen, the company said in a statement. "Anthem was the target of a very sophisticated external cyber-attack," Anthemfalse

As the International Consumer Electronice Show (CES) 2015 brings forth the next generation of devices to watch out for, it also opens issues of digital security. While new technologies and devices are always interesting, they also have the potential to burn consumers and vendors with risks to security and privacy. With these in mind, we picked out four tech trends from CES 2015 can impact your data and privacy.

Our Michelle Drolet is quoted in NetworkWorld's article "Throw your vendor under the bus after a breach? Not quite so fast". Read more below: