As we have previously discussed, a vishing attack is usually one of the most successful types of social engineering both in the wild and during engagements. Due to the nature of a vishing attack, many employees fall victim to simple variations because they are conducted over the phone and they aren’t as familiar with the […]
In today’s blog, we are going to look at how ransomware works and why it necessitates the use of offline backups for your organization. Having audited hundreds of organizations, it is clear to me that most IT professionals are considering availability. It is very common for organizations to be taking regular backups and for these […]
South Carolina became the first state to pass cyber security legislation for insurance companies in 2018. The South Carolina Insurance Data Security Act was passed on May 3rd, 2018 and was modeled after the NAIC Insurance Data Security Model Law. Today we will dive deeper into the law and try to understand the ramifications of […]
The path to HIPAA compliance is paved with many hurdles. One of the first issues most organizations encounter is identifying how HIPAA applies to them and whether they need to meet compliance. So in order to move forward and start applying the necessary controls to meet compliance, you’ve got to determine whether you are a […]
In today’s blog, we are going to explore the concept of Black Box vs. White Box testing. There are a lot of terms thrown around when it comes to security, and it is easy to get confused, especially when different sources use different definitions for each term. Not to worry, we’ll explore black box, gray […]
One of the security services that Triaxiom Security offers is Incident Response assistance. We help an organization determine if a breach has occurred, what is the extent of that breach, was any sensitive data exfiltrated, and what was the initial point of compromise that allowed the breach. The scenarios that lead up to a full […]
