Introduction
Cybercriminals are clever and on the lookout for vulnerable businesses. They exploit common mistakes and flaws to breach systems, then steal, disrupt, or hold businesses for ransom. But here’s the good news: you don’t have to be an easy mark. You can make changes right now to reduce the likelihood of a successful attack.

What is a social engineering attack?
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that

What is the North American Electric Reliability Corporation (NERC)?
The North American Electric Reliability Corporation (NERC; www.nerc.com) is a not-for-profit organization with a mission to “ensure the reliability of the North American bulk power system.” It encompasses the interconnected SCADA power grids of the United States, Canada, and a portion of Baja California, Mexico. Following

What is the Federal Information Security Management Act (FISMA)?
The Federal Information Security Management Act of 2002 (FISMA) assigns certain responsibilities to U.S. government agencies to ensure the confidentiality, integrity, and availability of federal government data. The act requires program officials to conduct annual reviews of information security programs. However, as of September 2012, the

What is the Health Insurance Portability and Accountability Act (HIPAA)?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is maintained by the U.S. Department of Health & Human Services (www.hhs.gov). Designed to protect the confidentiality and integrity of patient health information (PHI), HIPAA had only a muted effect on the security industry until