Articles by Linda Musthaler


July 14, 2014

By Linda Musthaler

Attackers know that if they want to compromise an organization an email with a malicious link or attachment is often the path of least resistance. 

Armed with a wealth of information freely shared online, attackers use social engineering as a means to entice employees into opening the message, and if the malware is successful, the endpoint is compromised and likely leads to further damage.

March 1, 2014

By Linda Musthaler 

Two months since the news of the massive Target breach broke, reports are starting to reveal bits and pieces of how the perpetrators were able to get a foothold inside Target’s point of sale system to steal tens of millions of customer account records. In time, there will be a complete forensic analysis of the breach, with lessons for every IT security professional to take back to their own workplaces.


February 3, 2014

By Linda Musthaler

The healthcare market has been generating much attention lately.  Everyone from individuals to corporate executives is focused on the changes and provisions as they relate to health insurance.


November 22, 2013

By Linda Musthaler

What is the top threat to web applications today? According to the Open Web Application Security Project (OWASP), it’s SQL injection. The problem is so pervasive that it has topped the OWASP Top 10 list of software security issues for several years in a row, and for good reason. Hundreds of millions of database records have been stolen using SQL injection techniques.


November 7, 2013

By Linda Musthaler

Insurance fraud. Identity theft. Financial fraud. These are just a few of the risks associated with storing personal healthcare information online. Healthcare organizations hold some of the most private and sensitive information, and if it were to be comprised, a breach of this data could have serious repercussions for individuals and organizations alike.

To address the need for qualified healthcare IT professionals, the International Information Systems Security Certification Consortium, Inc., (ISC)2 , has launched a new certification, the HealthCare Information Security and Privacy Practitioner (HCISPP).


November 6, 2013

By Linda Musthaler

One day last summer I was in a bank branch, standing in line waiting to conduct my business. Bored, I studied my surroundings and took note of a security camera directed toward the teller station ahead of me. No doubt it was capturing video of each person that approached the teller window and especially of the teller herself who was dispensing cash as customers made withdrawals.


October 22, 2013

By Linda Musthaler

The top IT security threats of 2013 have one underlying root cause: employees using their own technologies and solutions with weak or even non-existent security controls to accomplish their work objectives.

The use of these types of what are generally cloud applications – from storage and file transfer to collaboration and productivity – can put a company at risk for data loss, privacy issues, and non-compliance with regulations and governance controls. However, that doesn’t mean there isn’t value in using these applications. Workers are going to use whatever tools help them do their jobs—whether the tools are endorsed by the IT department or not. This is often referred to as Shadow IT.

The startup company Skyhigh Networks aims to solve the dilemma of cloud services that have insufficient security controls. 

The Human Factor: Gain new insight into the ways attackers exploit end-users' psychology​​

About Security Current | Privacy Policy | Subscribe to our newsletter