In its most recent Cybersecurity Newsletter, OCR focuses on the intersection of HIPAA and information security. To be sure, HIPAA requires covered entities and business associates to address their organizations’ information...more
On January 4, 2018, the National Health Information Sharing and Analysis Center (NH-ISAC) posted an announcement regarding the cybersecurity threats Meltdown and Spectre that were recently identified....more
Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks. The vulnerability, Key Reinstallation...more
The Federal Trade Commission (FTC) has concentrated on small businesses this year with the launch of www.FTC.gov/SmallBusiness , which provides data security awareness information to small businesses. The site includes...more
In light of last week’s ransomware attacks overseas targeting hospitals and other providers, HHS is notifying providers in the United States of a warning issued by the United States Computer Emergency Readiness Team (US-CERT)...more
We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks...more
While all companies should be concerned with their cybersecurity posture, companies in the aerospace, defense, and government services (ADG) industry are potentially subject to greater risks due to the industry's highly...more
New U.S. Computer Emergency Readiness Team (U.S.-Cert) guidelines around incident reporting went into effect this week (April 1, 2017). The guidelines require all federal departments and agencies, state, local, tribal and...more
Last week, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released new guidance on reporting and monitoring cyber threats. The guidance urges covered entities and business associates to...more