As threats to the security of high-value information become more sophisticated and attacks on IT networks grow more aggressive and persistent, so too does the emphasis on regulations intended to set standards for data management and security. As a result, compliance programs have become a priority for responsible organizations. This is especially true in healthcare, where the combination of personal health information (PHI) and financial data represents the crown jewels for hackers seeking to cash in on the high prices such files fetch on the black market. The fast pace of innovation from within the technology industry and hacker communities […]
We have provided our recent “Compliance is NOT Security” webinar slides for your viewing. These slides provide valuable information on both compliance and security that are beneficial to all organizations.
It’s a sellers’ market for personally identifiable data on the “dark web,” where stolen information is anonymously bought and sold. Like all savvy business people, hackers go where the money is; right now the hottest selling commodity is medical record data—going for as much as $60 per record. To put that in context, in its heyday, a single set of credit or debit card data could fetch anywhere from $20 to $125. But the market for card data has taken a nosedive. You can pick up a set for as low as $1 each—or $.22 for data sold in bundles. […]
Cyber space is the modern frontier and cyber security is the modern healthcare organization’s most treacherous battlefield. Data is one of your most precious resources and your attackers will do anything they can to get their hands on it. In 2014 alone, a record-breaking 47% of American adults had their data hacked.1 The landmark Anthem attack has drawn intense scrutiny and pressure on the healthcare industry, highlighting healthcare as a high-risk target. And the FBI has issued a private industry notification warning that healthcare systems suffer an acute risk of cyber attack for financial gain and are more vulnerable to attack than financial and government sectors. Patient’s […]
An Insider Threat comes in all shapes and sizes. This is why it’s proving to be such a hard nut to crack for IT. Virtually anyone with approved access to your corporate network or data stores is an insider. Their motivation, behavior, and/or negligence is what converts them from an insider to an Insider Threat. The potential risks associated with an Insider Threat are particularly frightening because insiders already have the necessary credentials and access to do significant damage to your business. Traditional data security tools such as encryption are meaningless. An insider is already authorized to bypass these security measures in […]