Concluding this series… Your state’s privacy and breach notification statutes may differ from HIPAA regulations.
Part Two in a series on the fundamental questions about Incident Response tackles when and how a breach must be reported.
In Part One of a planned series of articles to look at Incident Response best practices, we start by discussing who is required to report a security incident to regulatory authorities, government agencies, or consumers/patients.
Floridians tell ourselves we are not really at risk for a hurricane. I hear the same sentiment from executives about their cyber security risk. We tend to downplay common threats but how dangerous could denial really be?
If (when) your company encounters an IT security incident or data breach, you will need every employee ready to respond quickly and effectively as appropriate for their position. Share these tips to be sure they’re ready.
Companies should have a policy that defines in specific terms what constitutes an information security incident, and provides a step-by-step process to follow when and if an incident should occur.
In any business, there are risks. There are risks in investment, risks in the introduction of new products or services, risks in bringing a new business idea to life, but there are also risks in the everyday operation of running a business.
Everybody understands the term ‘personalized healthcare’, it’s what we have naturally come to expect in the new age of consumerization, Customer Relationship Management and choice.
The FREAK vulnerability affects some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients and servers. Are your systems at risk?
Is your team prepared for a sudden data breach or security incident? If you do not have a documented, practiced plan you will find yourselves playing catch up resulting in higher recovery costs, time, and headaches.