A Shift Toward a Human-Centric Approach to Information Security
Every IT security department's job, to protect data, has become more challenging as the security perimeter has dissolved with the adoption of cloud applications. The traditional threat-centric approach is to apply rigid policies to a dynamic...
The European Union's (EU's) General Protection Regulation (GDPR), which began enforcement on May 25, 2018, dramatically increases the penalties for failing to properly protect users' personal . The maximum fines that can be leveraged against an organization eclipse penalties that have been imposed in the past; they...
Coupled with HIPAA and other regulatory requirements that make securing protected health (PHI) paramount, healthcare organizations have no shortage of serious considerations that must be adequately addressed to ensure patient and safety.
To find out what considerations are weighing heaviest on the minds of...
At its core, compliance for HIPAA is simply about maintaining patient privacy by ensuring your users appropriately access and use patient data. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed.
The challenge, however, is the lack of visibility into what users do with...
Now that your organization is faced with the realities of GDPR, it's time to clear up any lingering questions you still have regarding the new regulations and how they're impacting your organization's policies.
Download this FAQ to learn more about:
What exactly GDPR regulates;
The extent of the effect that...
Now that your organization is faced with the realities of GDPR, it's time to clear up any lingering questions you still have regarding the new regulations and how they're impacting your organization's security policies.
Download this FAQ to learn more about:
What exactly GDPR regulates;
The extent of the effect...
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments.
How can deception technology offer a new alternative?
The key to deception technology is to deter lateral movement inside a network. On...
Cybercriminals are organized, well funded, and highly motivated. They are deploying advanced malware, leveraging cloud-based computing resources, and developing cutting edge tools to attack your organization's data.security defenses.
The proliferation of online devices accessing personal and financial information,...
Cloud providers have transformed from offering a fringe platform utilized by courageous companies on technology's leading edge into a cloud-first, standard, go-to approach for running all sorts of business-critical systems. According to IDC, nearly 50% of IT infrastructure spend will be on private/public clouds by...
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
Choosing the right password solution for your business means defining your unique needs, and finding the product that best delivers on those needs while answering two fundamental questions: Is it safe and reliable? Does it help achieve your security goals while enforcing better policies?
Download this whitepaper...
In spite of all the news about advanced persistent threats and targeted hacks from nation-states, the most common security challenge facing enterprises today continues to be social engineering.
Successful hackers know the user is the weakest link in the security chain. Email phishing campaigns have proven to be...
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
The GDPR regulation will be enforced beginning May 25, 2018 and for many organizations, the initial transition to GDPR compliance is likely to be a lengthy and challenging process that will require regular reevaluation based on continued reassessment of the risks.
The role of network security in preventing...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.