You’ve likely heard about organizations having a culture of compliance but not as much about having a culture of cybersecurity. Yet as threats to our sensitive data’s privacy and security ratchet into the red, it’s the perfect time to create a cybersecurity culture that protects your organization ...

Data breaches aren’t just a problem for security professionals. The impact is felt across the whole business—from your legal team, embroiled in litigation, to your frontline employees, who can’t access the tools they need to do their jobs. Everyone needs to play their part in managing the risks, as ...

Did you know that small to medium-sized businesses (SMBs) may have a higher cybersecurity risk than larger counterparts when you consider employee-to-breach ratios? Recent reports show that SMBs, businesses with 20 to 500 employees, are more at risk specifically due to phishing malware and the lack ...

Is news of a data breach becoming “white noise”? Thanks to the sheer frequency of data breaches, the general attitude toward online security is becoming more “Meh” than “OMG.” That attitude, called breach fatigue, only ups the risk to our sensitive data.

Cyber experts like former Federal CISO Gregory Touhill feel that managing risk is paramount to, and more effective than, trying to defend everything, data-wise. He goes so far as to quote Frederick the Great, saying, “He who defends everything defends nothing.” That thought definitely applies to ...

No matter the criticism of the “rush job” regarding the newly passed AB375, the California Consumer Privacy Act, its underlying purpose makes it the strongest privacy law of any in the US. The Act places personal information privacy at the pinnacle for protection. No longer do strict privacy ...

That’s a million dollar question. No, really, it could literally cost you millions not to know. In doubt? Fresenius isn’t. It’s cost the dialysis chain a $3.5 million settlement for data breaches in 2012. The resolution agreement cites instances of unauthorized access and “impermissible ...

It’s not uncommon today for businesses to outsource certain services to third-parties. However, with outsourcing, the risks of the service organization are inherited by the company who hired them. In some cases, a third party vendor may be a crucial part of your business operations.When it comes to ...

No one ever looks forward to a compliance audit. However, there are steps you can take to alleviate some of the pains felt before an audit, and it all comes down to proper preparation. By building compliance processes into your internal structure, audits can become relatively painless - as well as ...

What’s your current approach to compliance? Policies and procedures in place, a security risk analysis every eighteen months, and an annual slide presentation for employees on HIPAA basics? With our increased reliance on data, as well as changing compliance rules and regulations, that's no longer ...

HITRUST (Health Information Trust Alliance) and NIST (National Institute of Standards and Technology) recently announced that they have teamed up and developed a certification designed to make it easier for security and compliance teams to demonstrate how they have implemented the framework. The ...

After more than two years dealing with the menace of being held hostage by ransomware, cryptominers are the last thing healthcare IT and security departments want to hear about. But the evolution of cyberthreats continue, with an April 2018 publication from HIMSS citing a recent report that the Q1 ...

When it comes to HIPAA compliance and cybersecurity, the danger comes with thinking one assures the other. It doesn’t. Just skim the daily headlines to know that the risk ransomware and human error bring to sensitive healthcare data proves that HIPAA alone is not enough to protect ePHI. It’s true ...

On Tuesday April 22nd, myself and Ostendio’s CEO, Grant Elliott, attend DCA LIVE’s 2018 BIG Cyber Growth Summit. As a cybersecurity product company headquartered in the greater Washington DC area, I found it very interesting to learn that only 11% of the 177-pure play cyber firms sell a product – ...

Study Shows that Healthcare's Internal Security Breaches Exceed External Ones Was that Lady Gaga in the emergency room? What kind of procedure is my ex having? If you’re a healthcare organization, curiosity is one reason why your employees are a data security threat. Yes, the recent Verizon DBIR ...