Phase I and II HIPAA audits and over 100 Office for Civil Rights (OCR) enforcement actions continue to show that nearly 90% of healthcare organizations fail to meet the HIPAA Risk Analysis requirement and around 80% of these organizations failed to meet the HIPAA Risk Management requirement as well. We delve into the...
From both a regulatory and a security perspective, it’s not enough to simply perform a risk analysis. The HIPAA Security Rule requires and today’s rapidly evolving threat landscape demands that organizations respond to the risks identified appropriately and effectively. We outline a best practice approach to risk...
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
Many of the principles for defending your IT environment apply to industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems and other OT. But securing OT has additional complexities and considerations.
We’ve created this resource guide with more than 80 useful reference links,...
Compare your scores to industry peers for key industrial security protections.
Attacks on Critical Infrastructure are on the rise. Organizations need to leverage modern industrial security practices to avoid preventable breaches and the costly downtime, damage and public safety risks they cause. This quick...
A Zero Trust strategy means there are no trusted users or assets, everything is checked and verified before access is granted for a limited time. This guide will help you and your team establish the right environment for a successful Zero Trust program.
As you grow your third-party ecosystem, it is increasingly difficult to manage and mitigate cyber risk to meet your security standards. Onboarding a new vendor, assessing existing 3rd parties, and trying to clearly communicate security performance across the organization are relentless yet necessary tasks. BitSight...
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
Organizations that work with or within the healthcare industry need to prioritize and manage security and privacy-related risk and compliance programs. As the global standard for safeguarding information, HITRUST delivers a scalable, prescriptive, and certifiable framework that enables organizations to demonstrate...
Cyber Risk Analytics is Flashpoint's data breach research team that since 2013 has analyzed incidents and trends. Inga Goddijn, who heads that team, opens up on ransomware, Russia's invasion of Ukraine and why so much of successful defense still comes back to getting the basics right.
Trust is the currency of today’s digital economy. Businesses that earn and keep that trust, thrive – and those that don’t, struggle. With more than 5 billion users conducting their lives online, the opportunities for businesses to earn – and lose – trust are endless. In 2021, for the first time ever,...
IoT, cloud migrations, endpoint proliferation, hybrid workplaces - how are organizations in the pharmaceutical industry adapting to this new threat landscape? Troy Ament and Aidan Walden of Fortinet discuss the cybersecurity gaps specific to SAP deployments and how to fill them.
Brinqa commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Brinqa. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Brinqa on their...
Managing risks begins with measuring risks. But how do you measure risks accurately? How do you share your findings in a meaningful way to both technical and non-technical audiences?
When measuring risk, the focus should be on what’s meaningful to your audience. And for the most important decisions about...
Executives are required to make “data-driven” decisions; Metrics, Objectives & Key Results (OKRs), Key Performance Indicators (KPIs) – however you define being data-driven – to measure security program effectiveness, and frame their conversations to the board, partners, and company at large.
Yet, there...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
