3rd Party Cybersecurity Services Buzzwords

Pen Testing…Vulnerability Scanning…Risk Assessment…Security Audit

Throughout our interactions with cyber clients, we have received plenty of questions about these cybersecurity “buzzwords”.  What are they? Can we do these internally? How do we select a 3rd party resource?

Why?

Organizations often perceive these services as a requirement under some type

Read the rest
Read more

OCR Publishes New Cybersecurity Materials & Guidance

The Office for Civil Rights (OCR) released new guidance materials that should prove helpful for smaller organizations working on a limited budget. The purpose of the new guidance is to help Covered Entities and Business Associates understand the steps involved with responding to a security incident.

Response Checklist

OCR’s checklist

Read the rest
Read more

FFIEC Releases Updated Cybersecurity Assessment Tool

The Federal Financial Institutions Examinations Council (FFIEC) updated their Cybersecurity Assessment Tool to assist in making baseline cybersecurity an achievable goal for smaller institutions.

The tool was originally designed (in June 2015) to help financial institutions identify their cybersecurity risks and preparedness level. Financial regulators view this assessment process as

Read the rest
Read more

Mishandling HIV Information Costs Hospital $387,000

St. Luke’s hospital came under fire after faxing two patients’ sensitive medical information against their request.

The Office for Civil Rights (OCR) reached a settlement with St. Luke’s-Roosevelt Hospital Center over violations of HIPAA’s Privacy Rule related to impermissible disclosure of protected health information (PHI).

Who is St. Luke’s?

According

Read the rest
Read more

NIST Updates Password Best Practices and Guidelines

The National Institute of Standards and Technology (NIST) published an updated document highlighting guidelines and best practices related to passwords and authentication methods.

These guidelines revise previous NIST recommendations. Security professionals can leverage the new standards when implementing or revising password policies and protocols for their organizations. The updates lean

Read the rest
Read more
1 2 3 98