Is your healthcare organization at risk?
Ransomware is not going away in 2017—Life Threatening to the Healthcare Industry
Did you know that, as of January 2017, there have been more than 1,800 sizeable security breaches of healthcare information?
Keep creepy, scary things from landing on your computer! Out of date protection is no protection.
Neglected or incomplete risk assessment could lead to a denial of cybersecurity insurance coverage for healthcare organizations.
Social media is a reality of doing business today. For healthcare organizations, this raises tricky privacy and compliance issues.
While you may not be able to prevent all ransomware, you can be prepared to outsmart it.
A strong password is not always enough. Two Factor Authentication can make your online accounts difficult to hack - but
Concluding this series... Your state's privacy and breach notification statutes may differ from HIPAA regulations.
Mobile apps should only access data where you have granted permission. But, if we are not paying attention, downloading a
After a data breach, everything you have done, everything you have discovered, and everything you have reported must be documented.
Phishing accounts for 3/4 of all socially-based attacks. When hackers go after the “big fish” in your company, we call
Part Two in a series on the fundamental questions about Incident Response tackles when and how a breach must be
We’re all excited about our team's run for the 2016 Stanley Cup! It is the topic of conversation around the
In Part One of a planned series of articles to look at Incident Response best practices, we start by discussing
People do not use easy passwords to purposefully invite risk – we do it because they’re easy! Strong passwords are
OCR announced this week that a second round of HIPAA Audits has finally begun. Even if you don't face an
We are also seeing more aggressive ransomware and malware and it shows up on devices that were previously not targeted.
While courts, lawmakers, and executives grapple with privacy concerns, users should understand what is at stake and what is within
Compliance begins with risk assessment. Security ends with incident response. And peace of mind requires reliable intelligence.
As you gear up for a productive 2016, while you are focused on getting to the next meeting or seeing
Could 2016 be a turning point in our ability to identify and thwart malicious attacks and close security gaps that
Does heightened consumer awareness translate to more secure online shopping habits? Old habits are hard to break, convenience too often
This holiday season, retailers are more liable for credit card fraud as they still work to implement EMV chip technology.
Future HIPAA compliance audits could result in more costly enforcement action. But being prepared is about more than a possible
Your employees may not realize how valuable their access may be to dangerous cyber criminals. Hackers can be very clever
When the guy in charge of setting cyber priorities for the nation releases his short list, it should serve as
The current lack of experienced IT security personnel makes it difficult for IT teams to handle the growing challenges companies
We strongly urge clients to use a system such as two factor authentication (TFA) as it is the only effective
When hardware or equipment becomes obsolete or simply no longer meets the needs of your company, where does it go?
Health IT Week has become a rallying point for the healthcare industry to face the challenges of advancing services with
For some of the same reasons execs hesitate on IT security, merchants and banks in the U.S. seem to be
Some of the same tools that help us do more also threaten our security. Every employee must understand the risks
When your sales team and account managers can speak to your company’s compliance efforts and data security, prospects are reassured
Floridians tell ourselves we are not really at risk for a hurricane. I hear the same sentiment from executives about
If (when) your company encounters an IT security incident or data breach, you will need every employee ready to respond
An inadequate or infrequent risk assessments can lead to security vulnerabilities or compliance troubles. To protect your company or organization,
Executives face a constant battle of priorities. You must weight expense and effort against risk and benefit. Understand the business
When your organization runs into a new sort of vendor or contractor, you may wonder if the expectations of a
Companies should have a policy that defines in specific terms what constitutes an information security incident, and provides a step-by-step
In any business, there are risks. There are risks in investment, risks in the introduction of new products or services,
Identity theft has become big business for hackers, small time crooks, and even some nation-states. Millions of Americans have their
Everybody understands the term ‘personalized healthcare’, it’s what we have naturally come to expect in the new age of consumerization,
If your laptop were lost or stolen today, would your sensitive information be compromised? What could it cost you or
Hackers, cybercriminals and nation-state actors clearly identify healthcare organizations themselves as a valuable source of assets -- just the same
Moving to cloud (the industry likes to use the term ‘migrating’ to tell us that we’re off to a better
With greater connectivity comes potential for new risks. For example, computerized drug-infusion pumps used to ensure patients get the right
The FREAK vulnerability affects some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients
Is your team prepared for a sudden data breach or security incident? If you do not have a documented, practiced
In facing the reality of BYOD, every company needs to put clear "Bring Your Own Device" policies in place to
If you were paying attention in 2014, you know it's time to make some resolutions about your company’s IT security
Issues and concerns raised by weird and scary attack at Sony Pictures extend to your business as well.
Your employees are very important to cybercriminals who want access to your business or facility, your systems, and your data
Internal threats often lead to devastating breaches. Even worse is the realization that it could possibly have been avoided.
Security breaches in 2014 underscore the importance of being vigilant in monitoring, training, and response planning.
Strong, unique, secure passwords are critical to your business. Share our latest security awareness tip to remind colleagues and employees
Do you know how to avoid the HIPAA compliance issues that are involved in most OCR investigations?
They say 80% of security breaches could be prevented by good "cyber hygiene." Is your company overlooking the most basic
If an app is not offered in your phone’s App Store, consider this a warning sign. Downloading rogue apps is
In several recent reports, red flags have gone up pointing to coming problems resulting from inadequate mobile application security.
Requests for HIPAA officials to clarify ambiguous provisions may awaken a sleeping giant of burdensome regulation that could ultimately more
OCR has postponed "Round 2" HIPAA audits for Covered Entities & Business Associates. But don't relax just yet!
Teaching employees to lock their computer when they walk away is the same. It needs to become a mindless habit.
Is it safe to adopt an Assumption of Breach philosophy? That depends on how you respond once you've made the
When your company experiences an IT security incident, the more quickly you can respond, the less damage you will incur.
Training employees to use safe online practices and to be careful where and how they access the internet will help
If your organization has been operating under a BAA that was grandfathered in, your final deadline is now just a
With the benefits of remote and mobile technologies, we must be realistic about the risks and challenges. See US-CERT's recommendations
You know that security training is a key component of compliance. Making the necessary training a regular and effective part
Phishing emails are bothersome. But, when they come into your corporate email systems or to an inbox sitting on a
Increasing reports of TDoS attacks targeting health centers and hospitals have caught the attention of law enforcement.
Business Continuity planning forces you to consider eventualities you’d rather not think about and to answer some really tough questions.
Free online downloads are a notorious hotbed of cyber-criminal activity. If employees aren't aware of the dangers, those free downloads
In the 2013 movie, “Escape Plan,” Sylvester Stallone plays a guy who literally wrote the book on prison design and
You want to know your systems are as secure as possible. How much do you really need to invest to
The security world is in an uproar after news that TrueCrypt is unsafe, compromised, or simply has been discontinued.
These tips can help you explain the importance of strong passwords to your company and establish appropriate policies and procedures.
Vulnerabilities found in networked medical equipment may pose real risks of disruption of treatment and potential harm to patients.
With OCR compliance audits set to resume soon, HHS is sending a clear message – failure to comply with HIPAA
Three lessons we can learn from increasingly common news of threats, cyber attacks, and security breaches.
We often see costly breaches caused by stolen laptops or equipment. There are usually simple steps the organization could have
Should You Wait for HHS to Come Calling? In February, Health and Human Services' Office for Civil Rights (HHS OCR)
Even companies who are doing “everything right” can be vulnerable to unforeseen gaps in security. Do you need cyber insurance?
Experts are calling it "catastrophic." The heart stopping news of this threat to security and compliance requires your attention.
When any IT or technical product reaches its end of life and support is halted, this leaves the tool vulnerable
Could the availability of your important sensitive data could come to a grinding halt with one wrong mouse click?
Mobile devices play a vital role in the effectiveness and efficiency of workflow but they can also pose a serious
Creating (and remembering) strong, secure passwords is not easy but it is critical to maintaining both the confidentiality and integrity
Healthcare providers will now have a little more time to meet compliance and to reap the financial benefits of being
As IT Security becomes more complex, more companies turn to specialized IT Security Firms for Managed IT Security Solutions.
Without adequate IT Security measures in place, you may be vulnerable to attacks through missing patches and zero day threats.
As a first line of defense, password management is critical to the overall security of your entire organization.
Microsoft has issued an IT Security warning to users of Microsoft Windows Vista, the Microsoft Office suite and other software.
Emily Williams nfiltrated a “Large Government Agency” using clever social engineering tactics. But Emily Williams doesn't exist. Read how
38 Million user IDs were compromised during the recent Adobe security breach exposing credit card data, billing address and names.
We thought Google was simply collecting street-view images but they were also collecting your information without consent.
Adobe back in the news: Oct 30, 2013 Update. What can you do to protect yourself from the Adobe IT
Risk Assessment is your first step to compliance. Get answers to questions like: "Does my company need a risk assessment?"
See how two stolen laptops containing PII for 1.2 million patients led to a multi-million dollar headache for on healthcare
By exploiting the wireless capabilities, Jack claimed that he could hack into implantable cardioverter defibrillators and pacemakers.
There is a growing population of young people attending Virtual School programs designed to allow students to learn at an
With the HIPAA Omnibus Final Rule now in full effect, being identified as a Business Associate (BA), or having to
Constantly evolving new technologies provide Cyber Criminals a never ending supply of new opportunities to get to your information.
The Embedded Systems Hacker Collective of "ethical hackers" has identified a major security flaw in the administration interface which
In conjunction with this Cyber Security Awareness Month, we share interesting facts about cyber-attacks.
Social Engineering is one of the most overlooked vulnerabilities for security breaches since it relies mostly on human interaction rather
Recently, Google announced that it would be willing to sign HIPAA Business Associate agreements (BAA) for organizations required to have
Prior to Patch Tuesday's inception, security updates were applied sporadically as Microsoft identified a vulnerability in the security of the
Millions of Adobe customer accounts have been breached. If you have an Adobe ID, please change your password right away.
Adobe has fallen victim to a major security breach to the sum of 2.9 million customers. Cyber attackers hacked into