The New York State Department of Financial Services (DFS) has been closely monitoring the ever-growing threat posed to information and financial systems by nation-states, terrorist organizations, and independent criminal actors, particularly against financial services organizations. In response, DFS established a set of rules and regulations...
In order to protect their supply chain and its sensitive data, the United States Department of Defense (DoD) developed a cybersecurity standard, the Cybersecurity Maturity Model Certification (CMMC). The original version has been updated to CMMC 2.0, which replaced the original requirements. While it will take...
In 2013, the National Institute of Standards and Technology (NIST) was directed to create a “voluntary framework—based on existing standards, guidelines, and practices — for reducing cyber risks to critical infrastructure.” Government agencies and contractors were required to implement cybersecurity programs defined in NIST Special Publications...
HIPAA (Health Insurance Portability and Accountability Act of 1996) is nothing new for healthcare organizations. The legislation ensures patient data is secure and kept private due to its sensitive nature. Therefore, it’s an obvious and natural concern for the 800,000 or so organizations across the...
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule that protects electronic data went into effect in 2005, but small and midsize healthcare organizations are still struggling to comply with the law. They are confused and fear the Security Rule because they don’t have the...
Battling cybercrime is an ongoing effort for every organization. It requires vigilance and attention to detail to maintain defenses against enemies looking to exploit every chink in the armor to penetrate corporate networks and do bad things. SMBs are particularly susceptible to cybercrime because of their limited...
HIPAA (Health Insurance Portability and Accountability Act of 1996) is nothing new for healthcare organizations. The legislation ensures patient data is secure and kept private due to its sensitive nature. Therefore, it’s an obvious and natural concern for the 800,000 or so organizations across the...
Millions of companies fall under specific industry IT security and privacy regulations such as PCI, HIPAA and GDPR. However, those not REQUIRED to be in compliance with these standards should act is if they are – being in compliance is good security and data privacy discipline. There are many areas of liability...
HIPAA presents a tremendous opportunity for MSPs to gain new customers and increase revenues through ongoing HIPAA compliance assessments. If you’re a managed service provider looking to increase or build your HIPAA compliance business, you should be aware of the some of the most common...
Right from the beginning, it seemed everyone was overly optimistic about how fast the Cybersecurity Maturity Model Certification (CMMC) could be rolled out across the defense industry to ensure the requirements could be included in all defense contracts starting in 2025. The only things that...