Blog Listing

The NIST Privacy Framework: How to Mitigate Risk and Align Security Efforts
Discover how the new NIST Privacy Framework aligns with the Cybersecurity Framework to simplify your compliance, security, and privacy efforts.
Are you using the right vendor remote access tool? lessons from the texas connectwise ransomware attack
Are you using the right vendor remote access tool? lessons from the texas connectwise ransomware attack
Nearly six months after the Texas mass ransomware attacks that took down operations at 22 small Texas cities, we still talk about it pretty regularly. That's the type of impact a mass ransomware attack can have.
Imprivata OneSign 7.1 Introduces Secure Walkaway Technology
Imprivata OneSign 7.1 Introduces Secure Walkaway Technology
Imprivata, the healthcare digital identity company, has been at the forefront of digital transformation in healthcare.
Why third-party risk management matters
Why third-party risk management matters
We’ve made it through one full month of the New Year and the outlook for terrorism-related cyber incidents is already pretty stormy. During the standoff with Iran, cyberattacks were listed as one of their top possible responses.
Why MSPs should care about cybersecurity
Why MSPs should care about cybersecurity
As a Managed Service Provider (MSP), there are many things you need to focus on to be successful in your business. You have to be a subject matter expert in your particular area in order to convince companies to outsource that function to you, customer service is always important, and response time and time to resolution are critical metrics that organizations will evaluate when deciding whether or not to continue your service.
How to survive a cybersecurity audit
How to survive a cybersecurity audit
If you’re in a regulated industry or serve customers that are, sooner or later you will probably have auditors examine your cybersecurity setup. This may be on the behalf of clients, or for your own internal corporate governance.
The risks of business associates and HIPAA compliance
The risks of business associates and HIPAA compliance
In May 2019, the American Medical Collection Agency (AMCA), a "business associate" of a number of healthcare providers, reported an eight-month data breach had exposed sensitive information for more than 20 million patients.
What every business needs to know about PCI compliance
What every business needs to know about PCI compliance
For any business accepting, processing, storing, or transmitting credit card information, PCI DSS compliance should be at the top of its must-do list. The Payment Card Industry Data Security Standard is a set of rules established to create a secure environment within all companies that accept credit card payments.
Multi-factor authentication is an underutilized tool in protecting against privileged credentials breaches
Multi-factor authentication is an underutilized tool in protecting against privileged credentials breaches
While it’s no surprise that nearly every major data breach of the last few years has involved the use of privileged credentials, it is surprising that one of the most effective security measures remains underutilized.
An epidemic of ransomware washes over healthcare
An epidemic of ransomware washes over healthcare
Normally, the only types of epidemics that healthcare organizations fight are the microbial kind. But lately, they have been hit with a rash of ransomware attacks, crippling their IT systems and demanding payments to unlock the encrypted system.
The hidden cost of a data breach caused by third parties
The hidden cost of a data breach caused by third parties
As data breaches within private organizations and government entities continue to rise, the expenses to recover from them are escalating at an exponential pace. With third-party breaches, there can be additional costs beyond the usual financial, regulatory, and reputational damage that an internally caused data breach can bring.
HIPAA compliance: What healthcare administrators need to know
HIPAA compliance: What healthcare administrators need to know
According to a report from Duo Security, 56% of healthcare companies across the U.S. are still operating on legacy operating systems and software. In case you’re not familiar with the term, legacy is just another word for outdated. In the world of cybersecurity, outdated usually means vulnerable to a cyberattack.
Setting up a vendor management program
Setting up a vendor management program
Vendor management is a process or solution that allows organizations to optimize and secure the introduction and ongoing operations of third-party service providers into their business operations.
PAM vs. VPAM…What’s the difference?
PAM vs. VPAM…What’s the difference?
Privileged Access Management (PAM) is a newer technology within the Identity and Access Management (IAM) space that focuses on applying additional controls and protections on accounts with privileged or administrative rights.
How can you avoid the roadblocks in the way of your IAM and PAM project implementation?
How can you avoid the roadblocks in the way of your IAM and PAM project implementation?
Privileged Access Management (PAM) consistently receives recognition as the most important and impactful cybersecurity consideration. This is due to the criticality of privileged credentials and the need to protect them.
Vendors and network vulnerability, part 2: Tools to reduce risk in vendor remote access
Vendors and network vulnerability, part 2: Tools to reduce risk in vendor remote access
In Part 1 of this blog post, we examined the risks inherent in using certain types of vendor remote access software, and the potential damage that can occur due to vendor caused network risks.
How providers can improve healthcare vendor management
How providers can improve healthcare vendor management
As the healthcare sector continues to adopt new technologies, their reliance on remote and cloud-based services has also exponentially increased. While relying on third-party vendors to provide more efficiency and state-of-the-art care and management, providers must also put more emphasis on healthcare vendor management.
Top vendor management processes to automate
Top vendor management processes to automate
Managing vendor access into your network and systems is becoming a more critical job as news about third-party breaches seems to break almost daily and regulatory focus on third-party risk is intensifying.
Types of remote access: Benefits & disadvantages
Types of remote access: Benefits & disadvantages
When an organization needs to provide employees or third parties remote access to its network, there are a number of solutions available. In this post, we’ll discuss the most popular types of remote access - VPNs, desktop sharing, PAM, and VPAM.
What's the most vulnerable part of your network?
What's the most vulnerable part of your network?
Researchers at DEF CON demonstrate the most “vulnerable part of your network” could be your SSL VPN. Last Friday at the annual DEF CON and Blackhat security conferences, Taiwanese security researchers Orange Tsai and Meh Chang revealed two new flaws in major vendor’s SSL VPN products.