Data Breach, Vulnerability Testing & Management

Another Data Breach…

RISC

Launching Part One of Practical Security Series: Scenarios

Recently the University of Maryland was the victim of a sophisticated computer security attack, or hacking incident, that involved the breach of a significant database at the University. This breach may have exposed the records of over 309,000 faculty members, staff members, students, and other affiliated personnel from some of the University’s campuses.

Once again, similar to far too many other data breach events, the breached information included Social Security Numbers, or SSNs. While the University is offering free credit monitoring to those affected, anyone who has endured an identity theft incident knows that the inconvenience is far more extensive than twenty dollars and one year of credit monitoring.

While it may take the incident forensic specialists, and their recently doubled IT Security Staff (self-claimed), some time to determine the root cause, the actual and total information breached, and whether procedural or technical reasons permitted the breach to happen, the incident as a whole serves to remind us that we all must be continually diligent.

Continued diligence involves assessing your own organization, and your data security controls in an authorized and controlled manner. Unauthorized parties are assessing your security controls on a constant basis. The benefit to performing your own assessment, such as a Technical Vulnerability Assessment, is that you are privy to the results. When a “hacker” assesses your controls the only results you may receive, or maybe not, is success or failure of their efforts.

RISC Management & Consulting specializes in data privacy and information security regulations and frameworks,  visit our website for details call:  800.648.4358

Published by RISC

RISC Management & Consulting is an organization dedicated to information security and compliance, focused on healthcare & banking. RISC Management was founded by professionals with extensive experience in Healthcare, Information Security & Compliance to assist those organizations with obligations related to: HIPAA – The HITECH Act – HITRUST – Meaningful Use & ISO 27001 & 27002 RISC Management & Consulting offers several core practice areas to support the needs and legal obligations of our clients. All of our services are focused on getting you compliant with Privacy & Security requirements, quickly, completely, and affordably! To learn more about our Healthcare practice areas please visit www.RISCsecurity.com

1 thought on “Another Data Breach…”

  1. Pingback: Another Data Breach… | RISC Consulting

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.