Scary Cybersecurity Stories from Black Talon Security

In the most recent episode of the Help Me With HIPAA podcast, Donna and David interviewed Gary Salman, the CEO of Black Talon Security.  By the end of the episode, David was using a paper sack to help keep himself from hyperventilating.  He said it was because of all the stories, but I think David was a little star struck by Gary. 😉  In David’s defense, what IT geek wouldn’t be a little bit star struck after listening to how Gary went from creating an oral surgery software application for his Dad’s practice from his college dorm room to being the CEO of Black Talon Security.

Black Talon Security was founded in 2017 to help clients in the healthcare, financial, legal, accounting, and other sectors to prevent cyber attacks on their businesses.  Black Talon Security also does incident response, breach response, and forensics investigations for victims of cyber attacks.  Gary told several stories about things he’s witnessed through his work in cybersecurity, but one of the more scary ones was how some IT companies, either by ignorance or just by trying to cover their own butts, don’t explain to their clients that under the HIPAA law a ransomware attack has to be considered a data breach until proven otherwise. These IT companies just tell their clients that there is nothing to worry about and that they can make it go away with the cool backup tools they purchased from them.  In the meantime, the client has no idea what has happened, how long the bad guys were in their files or even where the files are until they start seeing them show up on the web.  Now you have a major problem!

That is just the beginning of Gary’s scary cybersecurity stories.  There were so many that Donna and David split their conversation with Gary into a two-part podcast.  So, listen to part one of the interview with Gary Salman in Episode 270 of the Help Me With HIPAA podcast.  His stories might scare you, but they’ll also make you aware of the threats that lurk out there and what it takes to better protect your applications and data.