Are you still using SSL encryption or TLS v1.0? If so, you’re putting your business at greater risk.
Fully understanding all the PHI you have, where it is stored, what processes touch it, and how it is used in your organization is critical to enabling a business to properly manage PHI.
Securing your healthcare organization should be a priority. Healthcare organizations are especially vulnerable to attacks because they cannot afford to be shut down.
This blog will discuss 3 infosec projects under $100 that get you started in cybersecurity or infosecurity by giving you hands-on experience to develop your skills.
HIPAA laws and cybersecurity are not simple. To ensure your institution never has a false sense of security, we created our seventh edition Guide to HIPAA Compliance.
Know exactly where CHD is coming from and being sent to, inside and outside of your organization.
It is important to know what data you actually store, process, and/or transmit.
As you implement your cybersecurity program, make sure you understand why a security control is required so you can structure tools and processes around the protection each control offers.
You are required to use industry-accepted configuration and hardening standards when setting up systems that are part of your PCI scope.
The Self-Assessment Questionnaire (SAQ) B-IP is intended for payment channels where cardholder data is processed using IP-connected PTS-approved point-of-interaction terminals.
For 2023, we have three predictions for the cyber attacks that we think will be the most prevalent this year.
Third-party security risk management (TPRM) is the process of analyzing and addressing risks associated with outsourcing to third-party vendors or service providers.
The HIPAA minimum necessary rule helps covered entities manage healthcare information by requiring them to limit access to and disclosure of PHI.
Many healthcare entities haven’t yet distinguished between the HIPAA Security Rule and the HIPAA Privacy Rule.
Not all approved scanning vendors are created equal.
The most commonly asked customer questions about the vulnerability scanning process.
When delete doesn’t actually delete, it can increase your vulnerability.
HIPAA compliance is a process, not a destination . . . but it doesn’t hurt to know your timeframe.
Learn the fundamentals of vulnerability scanning, especially for PCI compliance requirements.
Learn why your firewall may make you vulnerable and how SecurityMetrics Managed Firewall can help.
In order to comply with PCI Requirement 8, you need to practice proper password and username management.
If you are a service provider who stores credit card data, PCI SAQ D likely applies to you.