Ransomware: Risk & relief cyber report
How endpoint security solutions mitigate ransomware threats.
Risk
Insights
Risk
News and insight on technological and organizational resilience to help your business operate with confidence.
 | Act now: SEC adopts cybersecurity and disclosure rules for public companiesNavigating SEC cybersecurity disclosure rules – essential actions for public companies |
Global Cyber Report: Is your safety net strong enough?Cyber threats are all around us. This is not paranoia, it’s an unfortunate reality: every day brings new hacks, new data leaks, new embarrassment – and new costs, both financial and commercial. Nobody is spared. The attacks target companies large and small, as well as public-sector institutions and individuals. How can organizations protect themselves?
|
 |
Future-proofing cybersecurity in a digital world
In a world that has become reliant on digital technology, most organizations’ current cybersecurity strategies are no longer enough to combat threats. Future-proof your business by understanding and mitigating cyber risks.
Evolving role of audit committees
In a rapidly changing business environment characterized by evolving social needs and emerging technologies, the role of audit committees is undergoing significant transformation.
The case for HITRUST certification
Healthcare organizations are attractive targets for criminals who steal, ransom and disclose protected health information (PHI). In fact, according to the HIPAA Journal, there were 75 data breaches of 500 or more records in May 2023 alone, resulting in over 19 million records being exposed or impermissibly disclosed.
SEC cybersecurity rules impact public companies
The Securities and Exchange Commission (SEC) has adopted rules requiring public companies to disclose all cybersecurity breaches within four days that could affect their bottom lines. Delays will be allowed if immediate disclosure poses serious national security or public safety risks.
What you need to know about cyber testing
There are many root causes today of corporate crises and financial challenges. Often, cybercrime takes center stage because companies rely on sensitive computer infrastructures with global data access and critical electronic file storage systems.
Healthcare organizations should expect breaches
A data breach for healthcare organizations is very likely.
Responding to a cyber breach for healthcare orgs
Cyberattacks on healthcare organizations, especially health systems, are increasing dramatically.
Understanding GDPR
One of the largest and most significant pieces of privacy legislation is the General Data Protection Regulation (GDPR), which was enacted in 2016 and became enforceable in 2018. GDPR applies to citizens of European Union (EU) member states; it’s also enforceable beyond the EU member states’ borders, particularly for multinational organizations who process or control the personal data that could identify...
Managed Detection & Response
Living and working in a digitally connected world, networks are routinely at risk of being compromised.
Understanding PCI DSS Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a global standard for protecting payment (i.e., credit and debit) cards that applies to all merchants and service providers, even those that don’t directly handle the payment transaction itself. PCI DSS is a mature standard that just saw version 4.0 released in 2022; the latest version includes an extensive set of requirements to secure...
Protecting against the rising number of ransomware
Ransomware attacks increased by 13% between 2020 and 2021, according to the 2022 Verizon Data Breach Investigation Report (DBIR). This leap is greater than year-over-year increases in the previous five years combined. These attacks are here to stay, and they’re becoming more advanced and difficult to prevent.
Two paths to ensure HIPAA compliance
There is a longstanding trend of healthcare providers embracing digital technologies to manage, access, share, and store patient information. Consequently, there is an industrywide need to ensure that digital ecosystems are compliant with regulations, particularly the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its various updates, including the HITECH Act of 2009 and the...
Privacy impact assessment – When, how, what
Privacy Impact Assessment (PIA), primarily a North American concept around security, has been used since the 1990s, but now focuses on modern privacy risk. The EU GDPR uses the term Data Protection Impact Assessment (DPIA) to specifically assess the risk of individual rights or freedoms if a person’s data was exposed.
Conducting a compliance program assessment
A functioning Compliance Program is the first line of defense for a Medicare Shared Savings Program (MSSP) Accountable Care Organization (ACO) to prevent, detect and correct noncompliance.
Cyber-risk audits
As the spate of cybersecurity breaches garners greater attention, organizations have made enormous strides in curbing such incidents.
Industry-specific thought leadership
Cyber-risk audits
As the spate of cybersecurity breaches garners greater attention, organizations have made enormous strides in curbing such incidents.
Conducting a compliance program assessment
A functioning Compliance Program is the first line of defense for a Medicare Shared Savings Program (MSSP) Accountable Care Organization (ACO) to prevent, detect and correct noncompliance.
Privacy impact assessment – When, how, what
Privacy Impact Assessment (PIA), primarily a North American concept around security, has been used since the 1990s, but now focuses on modern privacy risk. The EU GDPR uses the term Data Protection Impact Assessment (DPIA) to specifically assess the risk of individual rights or freedoms if a person’s data was exposed.
Two paths to ensure HIPAA compliance
There is a longstanding trend of healthcare providers embracing digital technologies to manage, access, share, and store patient information. Consequently, there is an industrywide need to ensure that digital ecosystems are compliant with regulations, particularly the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its various updates, including the HITECH Act of 2009 and the...
Protecting against the rising number of ransomware
Ransomware attacks increased by 13% between 2020 and 2021, according to the 2022 Verizon Data Breach Investigation Report (DBIR). This leap is greater than year-over-year increases in the previous five years combined. These attacks are here to stay, and they’re becoming more advanced and difficult to prevent.
Understanding PCI DSS Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a global standard for protecting payment (i.e., credit and debit) cards that applies to all merchants and service providers, even those that don’t directly handle the payment transaction itself. PCI DSS is a mature standard that just saw version 4.0 released in 2022; the latest version includes an extensive set of requirements to secure...
Managed Detection & Response
Living and working in a digitally connected world, networks are routinely at risk of being compromised.
Understanding GDPR
One of the largest and most significant pieces of privacy legislation is the General Data Protection Regulation (GDPR), which was enacted in 2016 and became enforceable in 2018. GDPR applies to citizens of European Union (EU) member states; it’s also enforceable beyond the EU member states’ borders, particularly for multinational organizations who process or control the personal data that could identify...
Responding to a cyber breach for healthcare orgs
Cyberattacks on healthcare organizations, especially health systems, are increasing dramatically.
Healthcare organizations should expect breaches
A data breach for healthcare organizations is very likely.
What you need to know about cyber testing
There are many root causes today of corporate crises and financial challenges. Often, cybercrime takes center stage because companies rely on sensitive computer infrastructures with global data access and critical electronic file storage systems.
SEC cybersecurity rules impact public companies
The Securities and Exchange Commission (SEC) has adopted rules requiring public companies to disclose all cybersecurity breaches within four days that could affect their bottom lines. Delays will be allowed if immediate disclosure poses serious national security or public safety risks.
The case for HITRUST certification
Healthcare organizations are attractive targets for criminals who steal, ransom and disclose protected health information (PHI). In fact, according to the HIPAA Journal, there were 75 data breaches of 500 or more records in May 2023 alone, resulting in over 19 million records being exposed or impermissibly disclosed.
Evolving role of audit committees
In a rapidly changing business environment characterized by evolving social needs and emerging technologies, the role of audit committees is undergoing significant transformation.
Future-proofing cybersecurity in a digital world
In a world that has become reliant on digital technology, most organizations’ current cybersecurity strategies are no longer enough to combat threats. Future-proof your business by understanding and mitigating cyber risks.
Ransomware: Risk & relief cyber report
How endpoint security solutions mitigate ransomware threats.