At its core, compliance is about behavior. It's about whether your users utilize protected data sets in an appropriate manner. While most organizations focus on the establishing and assessment of the security controls around access, the true test of compliance revolves around having visibility into what users do with...
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
The annual Vulnerability Review analyzes the evolution of software security from a vulnerability perspective. Secunia Research at Flexera monitors thousands of applications, appliances and operating systems to test and verify vulnerabilities, while mapping the security threats to IT infrastructures.
Download this...
Facebook CEO Mark Zuckerberg informally met with U.S. lawmakers on Monday ahead of two congressional hearings, where he is expected to face a bruising examination. One senator was blunt with Zuckerberg, contending that on data privacy "Facebook failed us."
Employees are a critical part of an organization's defense against many IT security threats. Just as having the correct technology solutions is important, training personnel to recognize security threats is a critical part of any security strategy.
But what constitutes effective security awareness training?...
Cryptojacking, the infiltration of malware to enable browser-based mining of cryptocurrencies on infected websites, is on the rise. What can be done to minimize the impact of these intrusions?
With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.
The recent data breach impacting 150 million user accounts of Under Armour's MyFitnessPal application and website offers important lessons for mobile app developers, security expert Joan Pepin explains in this interview.
Most businesses have trouble keeping up with today's constant barrage of cyber threats. Many are turning to MSSPs (managed security services providers) to protect their networks cost-effectively and reliably. But choosing an MSSP requires thought and research.
Not all offer the same levels of protection, so you...
Choosing the right password solution for your business means defining your unique needs, and finding the product that best delivers on those needs while answering two fundamental questions: Is it safe and reliable? Does it help achieve your security goals while enforcing better policies?
Download this whitepaper...
This eBook gives an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations.
Download to gain insight to:
How threat intelligence is used in...
Security Information and Event Management (SIEM) platforms provide real-time correlation of events generated from network security controls.
This guide will explain what SIEM is (and isn't) and how to get up and running with it quickly and painlessly.
Download this whitepaper to learn everything you need to...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
In spite of all the news about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to be social engineering.
Successful hackers know the user is the weakest link in the security chain. Email phishing campaigns have proven to be...
The website of India's Ministry of Defense was hacked Friday evening. Although officials suspect Chinese hackers were involved, some security experts say that's unlikely.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.