Your browser is out of date.

You are currently using Internet Explorer 7/8/9, which is not supported by our site. For the best experience, please use one of the latest browsers.

866.430.2595
Request a Consultation
banner

Subscribe to our blog for the latest industry news.

Subscribe
HIPAA Trends & Predictions for 2021
Jan 28, 2021 | Tim Marley, Risk Advisory Services Director

HIPAA Trends & Predictions for 2021

Since passing in 2003, the OCR has issued total fines and penalties in excess of $129,000,000. The fact is, data breaches, hacks, ransomware, etc., are nothing new, but regulators are painfully aware that malicious actors are actively exploiting “windows of opportunity” due to COVID. Those who are succeeding in 2021 understand that their wins are directly tied to maintaining effective security and compliance programs this year. Before exploring those solutions, though, let’s dive deeper into the drivers behind this need.

Read More
5 Reasons to Continue Growing a Program in the Middle of a Pandemic
Jan 21, 2021 | Matt King, Security Analyst

5 Reasons to Continue Growing a Program in the Middle of a Pandemic

According to a survey by ISSA and ESG, cybersecurity professionals saw 63% increase in cyber-attacks related to the pandemic. With the current climate in mind, I’m going to give you 5 key reasons you should not only resist the temptation to put off your cybersecurity projects until after the pandemic levels out, but why you should prioritize growth in your program right now.

Read More
Identity is the New Perimeter: Passwordless Authentication Solutions
Jan 07, 2021 | Josh Spranger, Senior Network & Project Engineer

Identity is the New Perimeter: Passwordless Authentication Solutions

Security, as the saying goes, is not convenient. Security is meant to make it as hard as possible for the bad guys to gain access to things they shouldn’t. But as a result it makes end users life difficult, especially with the advent of multi factor methods of authentication. Sometimes, this can make your users frustrated with having to use several different forms of authentication or having to enter their passwords multiple times for each application.

Read More
What Are Purple Team Exercises and Who Needs Them?
Dec 17, 2020 | Michael Oglesby, Vice President of Security Services Operations

What Are Purple Team Exercises and Who Needs Them?

Terminology and acronyms in cyber security can get confusing. Try to distinguish between Blue Team, Red Team, Black Box, White Box – and now Purple Team exercises, it can be hard to know if you are dealing with terminology or marketing buzz words unless you are a security testing insider. Are we talking about offense or defense? Internal or external? Penetration testing or a vulnerability assessment? One-time or ongoing? We can explore a number of these topics going forward, but I am going to specifically focus on Purple Team exercises in this blog, laying out key definitions, the purpose behind this style of exercise, key stakeholders you will want to involve, and what outcomes you should expect.

Read More
Why “Security First Approach to IT Services is the ONLY Approach”
Dec 10, 2020 | Anna Krupka, Technology and Security Advisor

Why “Security First Approach to IT Services is the ONLY Approach”

During my time at TRUE I have seen some major pitfalls from companies that failed to see the importance of having a “Security First” approach to their IT. So I’m here to explain why you – YES, YOU – should take the “Security First” approach to heart.

Read More
Move the Needle with Your Vulnerability Management Program
Dec 03, 2020 | Kayna Kelley, Security Sales Executive Coordinator

Move the Needle with Your Vulnerability Management Program

TRUE has been providing managed vulnerability scanning services for clients for years, scanning external and internal network environments for the latest exploits, supplying reports, and remaining just a phone call away for remediation guidance, report interpretation, and discussing what keeps our clients up at night. Scanning continues, but organizations don’t always move the needle and are often no more secure as a result.

Read More
Solving the Vulnerability Problem
Nov 18, 2020 | Scott Williamson, Vice President of Information Services

Solving the Vulnerability Problem

Despite years of government issued alerts, subject matter expert directives, and even repeated lamenting of cybersecurity podcasters, unpatched vulnerabilities are still a leading cause for breaches. Why, with so much awareness, is this still a problem? Simply put, vulnerabilities can’t be 100% solved by just adding more activities to your teams’ schedules.

Read More
Microsoft Defender Advanced Threat Protection Summarizes Exposure Score
Nov 05, 2020 | Jim Parsons, Project Engineer

Microsoft Defender Advanced Threat Protection Summarizes Exposure Score

Let’s face it, today’s battleground for IT is in Cybersecurity. You fight the good fight of identity security, you diligently apply your network security, you do your best to manage and protect your data, but those darn computer users take their devices into the dark recesses of public Wi-Fi. What if you had a tool that would help reflect your organization’s exposure associated with all the devices within your organization? Welcome to Exposure Score (ES) in Microsoft Defender Security Center!

Read More
Urgent US-CERT Healthcare Trickbot & Ryuk Alert
Oct 29, 2020 | Dominic Schulte, President

Urgent US-CERT Healthcare Trickbot & Ryuk Alert

The Joint Cybersecurity Advisory, comprised of the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS), published a critical alert of verified and widespread attacks targeting Healthcare and Public Health Sector organizations.

Read More
Beyond Endpoint Technology: Why You Should Leverage Security Experts for MDR
Oct 28, 2020 | Rory Sanchez, Chief Executive Officer

Beyond Endpoint Technology: Why You Should Leverage Security Experts for MDR

You have to see bandwidth not only as a way for all the good stuff to come in, but also as the perfect conduit for the bad stuff. The more stuff you stream, the more devices that get deployed, the larger the attack surface, the better the chances of finding a way in – it only makes sense. Fortunately, when it comes to protecting your newly expanded corporate IT presence, a few things have remained relatively constant. These include 1) that every user has an “endpoint device” or two that they depend on for getting their work done, 2) that endpoint remains the primary target of most attacks, and 3) we’ve become extremely good at protecting those endpoints.

Read More

Get Started with True Digital Security

Request a Consultation