Government Requests for Information from Google

Careful what you search for… Until Edward Snowden blew the whistle on government spying, most Americans were blissfully unaware of how much of our personal lives is monitored by ‘Big Brother’ in... [ read more ]

Cybersecurity is about People, Not Just Processes

It has become abundantly clear that the issue of cybersecurity is not going away anytime soon. Every day, it seems that the number of vulnerabilities and risks organizations are susceptible to increases,... [ read more ]

Study Highlights Source of Health Care Security Vulnerabilities

It seems as if very few industries, and even fewer businesses, are confident in their overall ability to adequately respond to and defend against cyberattacks. But some sectors are significantly more ill-prepared... [ read more ]

Attacks on Energy Sectors Intensify

As those with a vested interest in cybersecurity are well aware, the Energy Sector is considered one of the most key sectors in our critical infrastructure. Without electricity, no matter how it... [ read more ]

Why attack banks?

When asked why he robbed banks, Infamous bank robber Willie Sutton is often quoted as having said “Because that’s where the money is”. It would appear that hackers around the globe have... [ read more ]

Law Enforcement Cybercrime Series Tools, Tactics & Techniques Social Engineering: Dumpster Diving/Extortion

Those of us charged with protecting the citizens of the United States will not like this story but it happens often enough that we should understand the social engineering aspects of it. ... [ read more ]

Cybersecurity – Control of Portable Media and Devices Part 2

Last week I provided an overview of portable media and noted that while it is convenient, it can also be a pathway for malware to enter a digital system. To protect your... [ read more ]

Cybersecurity – Control of Portable Media and Devices Part 1

Portable media is anything that can be used to hold information in a form that a computer may read. This information can be manually exchanged between computer based devices. It can be... [ read more ]

Office of Civil Rights HIPAA Privacy, Security, and Breach Notification Program

On March 21st the Office of Civil Rights (OCR) announced the launch of Phase 2 of the HIPAA Audit Program. Phase 2 of the HIPAA Audit Program will review the policies and... [ read more ]

Consider Adding the CISSP to Your Credentials

For many years the credential Certified Information Systems Security Professional or (CISSP) has been THE certification that those with a vested interest in cybersecurity have sought to attain. The CISSP credential is... [ read more ]

FDA Draft: Postmarket Management of Cybersecurity in Medical Devices

The FDA recently released new guidance for managing cybersecurity in medical devices. The guidance emphasizes the manufacturers need to monitor, identify, and address cybersecurity vulnerabilities and exploits. This document is guidance and... [ read more ]

OCR Releases Crosswalk between HIPAA Security Rule and NIST Cybersecurity Framework

On February 24th the Office for Civil Rights (OCR) in conjunction with the National Institute of Standards and Technology (NIST) and the Office of the National Coordinator for Health (ONC) released a... [ read more ]

By Order of the President

Today President Obama signed an Executive Order that seeks to modernize the digital system in the federal government and increase cybersecurity. The order lays the groundwork for establishing a federal privacy council... [ read more ]

Cybersecurity – Incident Response

People and organizations tend to focus on methods to prevent cyber attacks on their digital systems. While prevention is an important aspect of cybersecurity, it does not address an equally important piece... [ read more ]

EHNAC Releases Final 2016 Criteria Versions for 18 Accreditation Programs

The security of the data that rests in the servers of the health care industry is of great concern to the general public and government agencies. Assuring that the data remains confidential,... [ read more ]