by Trapper Brown | Jul 29, 2022 | Blog
Insider threats are among the leading cyber issues facing the healthcare industry today. Since the pandemic, attackers are taking advantage of remote workforces, bring-your-own devices (BYOD), and rapidly adopted technologies to launch an alarming amount of ransomware...
by Henry Sprafkin | Jun 7, 2021 | Blog
The first two installments in this series focused on risk management and risk-based control selection. While not a requirement, it is best to build the security control library based on an established control framework. There are over 200 different risk management,...
by Jon Moore | May 17, 2021 | Blog
Under the HIPAA Security Rule, covered entities and business associates are required to perform risk analysis on all systems that create, receive, maintain, or transmit electronic protected health information. In 2010, the Office for Civil Rights (OCR) published...
by Chris Dowhan, OSCP, GREM, GWAPT | May 11, 2021 | Blog
Today’s modern threat landscape is constantly evolving. Determined, opportunistic, and well-resourced threat actors continue to develop tools, tactics and techniques aimed at gaining access to systems, stealing data, and/or installing ransomware. And...
by Henry Sprafkin | Apr 21, 2021 | Blog
In my first blog in this series, I focused on how Business Associates can ensure the data they interact with on behalf of customers remains secure and confidential. I shared thoughts on the importance of risk analysis and how to focus resources on the most impactful...
