Formjacking: What’s That?

Answer these questions? Has your site been infected with formjacking? How did you find out? How hard was it to repair? How much damage did you or your users sustain? Symantec Internet Security Threat Report describes formjacking as malicious code inserted into websites. To capture personally identifiable information (PII) and debit/credit card information. Compromised sites perform legitimate transactions, even as the data is being transferred to illegitimate servers. This form of attack is inexpensive to deploy and almost impossible for users to quickly detect. Are you at risk ? Consider statistics drawn from “Smart Speaker, get me a cyber attack” — IoT was a key entry point for…

READ MORE

In Faith-Based Information Sharing and Analysis Organizations We Trust?

President Obama issued Executive Order (E.O.) C.F.R. 13691 to promote private sector cybersecurity information sharing. See  Executive Order No. 13691  For over 1 million faith-based and nonprofit organizations exist in the Unite States alone.  See NonprofitDirectory In 2018 Faith-based Information Sharing and Analysis Organizations, ISAO emerged to help these organizations improve their cyber security posture.  Websites, such as,  faithbased-isao.org, exist to help their members analyze and share data about threats and risks.  They offer best practices and training.  They can also serve as a focal point for legislative initiatives. Many FB organizations remain hesitant about participating in ISAOs.   Reasons include. Deference. Many FB organizations form media and technology…

READ MORE

Artificial Intelligence: Reimagine Worship and Worshippers

Rev. Billy Graham once stated, “when used correctly tech could do wonderful things” Observer Technology is reimagining habits for worship and for the worshipper. Vendors now offer mobile apps, social media and websites for the faithful. For example, traveling Catholics can access apps or the Internet to locate nearby services. www.masstimes.org Vendor’s offerings, such as, Subsplash (community engagement) and Tithe.ly (online giving) and Pushpay, enable secure automation for many administrative and management tasks. In doing so, Big Data is now part of doing business as a place of worship. Data is collected on attendees and members’ activities, especially, if a multi-site or mega place of worship. How will…

READ MORE

Digital Assistants/Chatbots: What Should Patients Expect?

Digital assistants like Siri , Alexa, Cortana and Google Assistant are becoming commonplace  in our houses, devices and apps. Soon these same assistants will begin offering healthcare related services. Here’s a look at what to expect for the next 2 years. Soon these digital assistants may also order our medications or schedule dental cleanings. For example, Microsoft and others now offer AI-platforms for developers to create bot services. Possibly, creating digital medical assistant services.  Imagine asking: “Siri:  Find me a Heart Surgeon!” But are patients ready to accept medical advice from an algorithm? Currently, healthcare digital assistants are chatbots. Their user interface is primarily textual. Equipped with natural…

READ MORE

When to treat family and friends like acquaintances

Key takeaway Third party risk management is not just for suppliers, IT vendors and service providers.  In many cases, subsidiaries or other organizations within your enterprise, and even well-known business customers should be brought into the third party management program. The problems at Deutsche Bank and Danske Bank reminded me of an inquiry I had with a CISO at a large high tech equipment manufacturer.  We were discussing best practices in third party risk management.  I asked him  what types of companies he was monitoring and he told me they were subsidiaries.  He was putting these subsidiaries through the same hoops as he would any other third party…

READ MORE