No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
2022 DSIR Deeper Dive: NFTs
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more
Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more
Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
Report on Patient Privacy 21, no. 11 (November, 2021) - Current and former patients of Las Vegas Cancer Center (LVCC) may have had their personal information exposed after a ransomware attack, the center said....more
A myopic focus on protecting EMR (Electronic Medical Records) systems has left healthcare organizations open to shadow information risk. In a world where hackers and ransomware criminals are regularly compromising healthcare...more
Report on Patient Privacy 21, no. 8 (August, 2021) - IBM Security reported that the total cost of a data breach increased by nearly 10% year-over-year in 2021, the largest single-year cost increase in the last seven years....more
The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic PHI (ePHI) and the HIPAA Security...more
Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more
Report on Patient Privacy 21, no. 7 (July, 2021) - Mayo Clinic is facing three lawsuits from patients who say a former surgery resident, Ahmad Alsughayer, viewed hundreds of their nude photographs in electronic health...more
Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks as the company races to deploy its COVID-19...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more
CYBERSECURITY - Greater Baltimore Medical Center Hit with Ransomware - The Greater Baltimore Medical Center (GBMC) was hit with a ransomware attack over the weekend (December 5-6) that potentially delayed procedures planned...more
Report on Patient Privacy 20, no. 11 (November 2020) - HHS Office of the National Coordinator (ONC) for Health Information Technology (ONC) is giving health care organizations more time to meet new rules on information...more
Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more
Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more
The Pandemic has fast-tracked the use of telehealth services. Hussein Akhavannik discusses how medical device companies are looking to add to or expand remote monitoring capabilities. However, some capabilities raise legal...more
Report on Patient Privacy 20, no 5. (May 2020) - Many health care organizations are racing to implement or augment telehealth services as the COVID-19 pandemic has upended medical care. But a cybersecurity expert is warning...more
On January 24, 2020, security analysts revealed that a data breach exposed the personal information of 30,000 medical marijuana patients across the country, including patients in Ohio. Bloom Medicinals, which operates five...more
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers. ...more
According to Hiscox’s Third Cyber Readiness Report, which surveyed 5,400 firms in the U.S. and the E.U., cyber threats have “become the unavoidable cost of doing business today.” The Report notes that for the first time, “a...more
On October 15, 2018, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Anthem, Inc. will pay $16 million to settle OCR’s investigation of its potential violations of the Health...more