'; $('#et-footer-nav').append(ssl_seal); }); });

Additive Process for Assuring the Identity of Sending & Receiving Parties During Key Exchange

In The News

White House eliminates Cybersecurity Coordinator role
From May 16, 2018, written by Zeljka Zorz. The White House has eliminated the role of...
Intel Announces First Quantum Computing Testing Tool
Intel and partners Bluefors and Afore have created a cryoprober, named the Cryogenic Wafer...
cyber attacks
Hackers Bypass MFA on Cloud Accounts via IMAP Protocol
Over the past several months, threat actors have been increasingly targeting...

Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies

SAN FRANCISCO — Businesses and government agencies in the United States have been targeted in...
protection

CEO Richard Blech’s Letter to the Editor …

To Brandon Bailey AP Technical Writer The easiest way to get people to go against their own...

Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies

SAN FRANCISCO — Businesses and government agencies in the United States have been targeted in...

SAIL and Your Business

  • Process that CONFIRMS the identity of both the SENDER and RECIPIENT when exchanging encrypted data
  • Eliminates man-in-the-middle and spoofing attacks
  • Facilitates incorporation of biometric data into the symmetric encryption process
  • Can be adapted to work within existing TLS process or other processes that require additional security assurances

Technology in the News

How to Avoid the Top Three Causes of Data Breaches in 2019

What's the price of unprotected IT infrastructure? Cybercrime Magazine says that global damages will surpass $6 billion as soon as 2021. Here we'll go through some of the most frequent and emerging causes of data breaches in 2019 and see how to address them in a...

Google confirms ‘quantum supremacy’ breakthrough

Google has officially announced that it’s achieved quantum supremacy in a new article published in the scientific journal Nature. The announcement comes exactly one month after it initially leaked, when Google’s paper was accidentally published early.Did you enjoy...

NordVPN confirms it was hacked

NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked. The admission comes following rumors that the company had been breached.Did you enjoy this article? Then read the full version from the author's...

We asked a hacker to try and steal a CNN tech reporter’s data. Here’s what happened

I share, therefore I am. I am the kind of person who posts Instagram photos (filtered, of course) from my vacation. I am also the kind of person who tweets about buying an overly-expensive piece of furniture because I fell for a sleek online ad about how it would...

Newsrooms, let’s talk about G Suite

There are many legitimate reasons to give administrators this far-reaching ability to organize and retain user data, such as compliance with legal requests. All of this logging and retention functionality may also help your organization’s administrators monitor for...

In the last 10 months, 140 local governments, police stations and hospitals have been held hostage by ransomware attacks

The attack starts, innocently enough, with an email. But when someone clicks the link inside, hackers quickly take over. CNN's Tina Burnside, Kevin Collier, Pierre Meihan, Faith Karimi, Eli Watkins and Zachary Cohen contributed to this story. Did you enjoy this...

Cloud Breaches Like Capital One Will Strike At Self-Driving Cars

The news has covered yet another breach of systems security that involves the theft of massive amounts of data, in this case impacting an estimated 100 million customers of Capital One Financial Corp. In the past, the public might have reacted vociferously in outright...

Siemens-Poneman Study: Cyber attacks on power utilities are growing in numbers, complexity

The cybersecurity risks against critical power infrastructure seems to be worsening, as a new study indicates that 56 percent of respondents reported their companies suffered one or more shutdowns or loss of operational data per year. Did you enjoy this article? Then...

Hack Breaks PDF Encryption, Opens Content to Attackers

Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content  — or even forge signed PDF files under certain circumstances. Did you enjoy this article? Then read the full version from the author's...

‘Harvesting Attacks’ & the Quantum Revolution

Stockpiles of stolen information sitting in foreign databases are ready to be exposed the minute there's a working quantum computer in five to ten years. The time to act is now. The Information Age replaced industrial equipment with data. Did you enjoy this article?...

What is SAIL?

  • Better secures email & ecommerce transactions
  • Better protects against “man-in-the-middle” attacks
  • Eliminates “Phishing”
  • Uses standardized (RSA) encryption
  • Provides notable benefits vs. (TLS) process:
    • SAIL significantly improves on the simplistic (TLS) process by including steps that securely authenticate & identify both parties.
    • SAIL combined with a key exchange (such as Secure Channel’s Secure Key Infrastructure) would provide additional security benefits over the existing (TLS + OAuth 2.0) process in-use today.

Addressing the Gaps in Healthcare Security

Secure Authentication and Identity Loop (SAIL).

Healthcare organizations are increasingly targeted by hackers over the value of the data they depend on to operate.  The data transmitted among staff, branches, insurance companies, devices, apps and patients is rich with protected health information (PHI) and fetches a greater price than credit card or financial information on the dark web.  The healthcare sector suffers more ransomware attacks than any other industry due to the mission-critical need for providers to access PHI to operate facilities and administer treatment.    Ransomware can be introduced into healthcare systems through a man in the middle transmission injection or via malicious code attached to an email from an unauthenticated party.

The highly sensitive nature of PHI and the effects that its unauthorized disclosure can have on patients are at the heart of the heavily-regulated sector’s data privacy controls.  The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act impose stiff penalties on health organizations following data breaches resulting from improper PHI handling.  The fallout from unauthorized PHI disclosure can include impacted patient privacy and livelihood, damaged confidence in the healthcare institution and severe financial toll.

As of 2019, the average healthcare cyberattack recovery cost is $1.4 million.  To combat the rising costs, healthcare organizations have implemented technologies meant to transmit PHI securely through digital communication channels.  Organizations have deployed HTTPS inspection tools designed to terminate malicious code before it reaches its intended destination, and prevent unauthorizing parties from intercepting communications.  Many HTTPS inspection tools, however, were found to actually reduce the security of network traffic, leaving healthcare organizations more susceptible to the threats they sought to abate.

Healthcare organizations need a cybersecurity solution that provides end-to-end protection for its sensitive network connections.  The solution must authenticate parties to ensure PHI is sent to and received by the intended recipients.  It has to shore up communication channels and eliminate weaknesses man-in-the-middle attackers can exploit to exfiltrate or manipulate data, or introduce malicious code.  It also needs to be limber to safeguard communications among medical devices, patient mobile apps, email clients and myriad other deployments.

SAIL solves with:

Authentication: Persons, devices and apps register with Secure Channels’ SCIFCOM token authority.  The SAIL process initiates a two-way authentication between all parties seeking to establish secure connections.

Integrity: SAIL’s two-way authentication for key exchange creates an impenetrable communication tunnel that resists manipulation of protected data in transit.

Confidentiality: SAIL’s secure communication tunnel prevents unauthorized parties from intercepting PHI in transit.

Adaptability: SAIL works with existing TLS and other processes requiring additional security assurances.

Reliability: SAIL’s secure communication process ensures data and signals transmitted among apps and devices are free from interruption or manipulation that can affect their performance.  It also eliminates channel weaknesses that can be used to inject systems with ransomware prompting significant business downtime.

Compliance: SAIL uses FIPS-compliant RSA to exchange keys for an extremely secure connection.  SAIL provides the strong communication tunnel component for cybersecurity solutions transmitting PHI covered under HIPAA, HITECH, Payment Card Industry Data Security Standard (PCI DSS) and other data privacy controls.