Safe Browsing 101: What Is a Cross-Site Scripting Attack?

Safe Browsing 101: What Is a Cross-Site Scripting Attack?

Many users naively believe they can browse the Internet, and as long as they don’t click on anything, they are safe. Unfortunately, that is not the case. Cross-site scripting (XSS) attacks are one of many malicious threats looming in the web world—in fact, XSS vulnerabilities are rampant out there. Read and learn how to browse as safely as possible.

Read More

Learning from Equifax: 5 Ways to Guard Against Corporate Identity Theft

Learning from Equifax: 5 Ways to Guard Against Corporate Identity Theft

The recent Equifax credit bureau data breach has brought corporate identity (ID) theft to the forefront of our collective conscience; however, it's not just individuals at risk. Organizations, large and small, are tasked with storing an extensive amount of sensitive information in personnel files, human resources (HR) documents, and corporate collateral, putting them at risk for identify theft as well. Read these five tips on how to guard against corporate identity theft.

Read More

How to Improve PHI Compliance Without Alienating Patients

How to Improve PHI Compliance Without Alienating Patients

Securing electronic personal health information (ePHI) to maintain Health Insurance Portability and Accountability Act (HIPAA) and other regulatory compliance can be a challenging task. Doing so while ensuring patients feel welcome and confident in your organization’s data security practices is even more challenging.

Read More

Components of Cyber Resilience Part 3: Thinking Beyond Risk Management

Components of Cyber Resilience Part 3: Thinking Beyond Risk Management

In our two previous posts on cyber resilience (CR)—how you manage operational risk and protect your assets—we explored how a holistic approach is best practice for a security-minded organization. Continuing to build on that knowledge foundation, this third part in the series explores risk management, external dependencies management, training and situational awareness.

Read More

Components of Cyber Resilience Part 2: Thinking Beyond Vulnerability Management

Components of Cyber Resilience Part 2: Thinking Beyond Vulnerability Management

Cyber resilience (CR)—how you manage operational risk and protect your assets—is, or should be, the goal of every security-minded organization. Building on our previous CR post, let’s explore additional tenets of CR, including vulnerability, incident, and service continuity management.

Read More

Why Auditing External Service Providers Is A Must

Why Auditing External Service Providers Is A Must

Networks are often protected with security implementations that are developed using external service providers. So, how are you supposed to know if these providers have compromised your data? How do you go about auditing the security posture of external service providers? Here are a few best practices to help examine your risk exposure and, if necessary, take action.

Read More

Business Email Compromise Attacks Explained

Business Email Compromise Attacks Explained

Business email compromise (BEC) attacks are increasing at a staggering rate. These social engineering attacks are cleverly disguised and can fool even the best of them. So, what exactly is a BEC attack and how can you protect your company from falling victim?

Read More

Navigating the Data Security Breach Landscape in 2017 and Beyond

Navigating the Data Security Breach Landscape in 2017 and Beyond

According to the Ponemon Institute’s fourth annual study on data breach corporate preparedness, Is Your Company Ready for a Big Data Breach?, 52 percent of companies experienced data breaches in 2016. This is an increase of 33 since in 2013. A data security breach is an incident in which an unauthorized individual steals, uses, or views protected, sensitive, or confidential data, and data breaches affect organizations small and large across all industries. Learn about the biggest 2017 cybersecurity trends and how to mitigate breaches below.

Read More

HIPAA Audits: What You Need to Know

HIPAA Audits: What You Need to Know

The Health Insurance Portability and Accountability Act (HIPAA) regulates covered entities that include most health care organizations and professionals as well as the businesses they associate with, holding those entities to reporting and security requirements. HIPAA audits, including performance and security audits, ensure those entities effectively and efficiently remain in compliance with the regulation.

Read More