Infosec Training Best Practices: Where Do Cyber Exercises Fit In? As we draw closer to the end of the year, cyber security best practices and strategies are being revisited to assess incident response effectiveness. One of the practices that remains essential to test incident response plans are cyber security exercises. Whether companies run table top… Read More
Every security expert has a perspective on what (and who) poses the biggest network security threats: cybercriminals, lone hackers, hacktivists, insiders, compromised workstations, and even nation-states. But with so many traffic requests making their way to your corporate network, it can be hard to distinguish attackers from legitimate visitors. While security information and event management… Read More
In new joint guidance released from the Federal Trade Commission (FTC) and U.S. Department of Health and Human Services Office for Civil Rights (OCR), HIPAA covered entities and business associates are reminded that they are subject to enforcement of both HIPAA regulations and deceptive business practices under the FTC Act. A covered entity or business… Read More
Earlier this year, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued guidance indicating that, under most circumstances, a ransomware attack constitutes a reportable HIPAA breach. During a ransomware attack, protected electronic health information (ePHI) is considered breached because an unauthorized individual has control of the information. In their… Read More
This year marks the 13th annual National Cyber Security Awareness Month (NCSAM), which kicked off on October 1, 2016 (you can follow all of the action on Twitter by using the hashtag #CyberAware). The NCSAM theme for this week is “Cyber Security from the Break Room to the Board Room,” which provides an opportunity to… Read More
The New York State Department of Financial Services (NYDFS) has recently proposed a detailed and wide-ranging set of cyber security regulations for insurers, banks, and other regulated financial entities. While the proposed requirements do not spell out what means may be used to enforce the requirements, nor possible penalties, the NYDFS has broad criminal and civil… Read More