Hybrid Workforces and Compliance with Sheila Limmroth
As cyber threats become increasingly sophisticated, traditional security models that rely on perimeter defenses are no longer sufficient. Zero Trust Architecture (ZTA) offers a modern approach to security that assumes no user...more
The Regulations, which took effect on January 1, 2025, reiterate and clarify existing requirements and introduce new ones on privacy and network data security....more
In an era of escalating cyber threats and evolving attack vectors, organizations can no longer rely solely on cybersecurity to protect their digital assets. Instead, they must develop a comprehensive cyber resilience strategy...more
Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention....more
NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) - WHO WILL BE IN SCOPE? Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
Though the world is no longer at a standstill due to COVID and our lives have returned to something resembling “normal,” the pandemic forever cemented remote and hybrid work into existence. Indeed, such flexible work...more
CYBERSECURITY- Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
When a cyber breach occurs, cooler heads need to prevail. This can be a highly emotional and stressful occurrence. Being prepared and having a clear plan of action will help you stay focused, meet your compliance...more
Data security is a top concern for organizations in today’s digital landscape. It protects data from unauthorized access, use, modification, or disclosure, and requires implementing technical, administrative, and physical...more
This article concludes K2 Integrity’s mini-series promoting the importance of Cybersecurity Awareness Month. Throughout October, we have been providing tips and solutions to organizations to commemorate the 20-year...more
This article is the third in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity has been providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
On September 26, 2023, Windows released a configuration update on Windows 11 version 22H2 (all editions) that is worth reading and applying, particularly if you use Windows Copilot....more
On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors...more
The term cybersecurity is thrown about because it covers so many risks. There is no common definition of cybersecurity and the technical elements included in the term. From a technical standpoint, cybersecurity covers...more
Like it or not, the remote workforce is here to stay. Statistics show that employees say they are more productive working from home, and even before the global pandemic, there had been a 44% growth in the remote workforce...more
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix...more
It wasn’t long ago that the phrase digital transformation conjured the image of a large-enterprise corporate luminary delivering a keynote about the technological metamorphosis of their industry. Digitalization of legacy...more
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National Security Agency entitled “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and...more
In an effort to “promote privacy and cybersecurity by upholding the legal right of individuals, network owners, operators, and other persons to ensure the confidentiality, integrity, and availability of information stored in...more
On May 19, 2022, the Department of Justice (DOJ) announced that it had revised its policy regarding prosecution under the federal anti-hacking statute, the Computer Fraud and Abuse Act (CFAA). Since the DOJ last made changes...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
CYBERSECURITY - DOJ Takes Down RaidForums' Website - In an action against what has been described as one of the largest hacker forums in the world, the U.S. Department of Justice (DOJ) announced on April 12, 2022, that...more
Microsoft released its monthly patches this week to fix 128 vulnerabilities, including 10 rated as critical, 115 as important, and three flagged as moderately severe. One of the vulnerabilities (CVE-2022-24521 Windows Common...more
The United States Department of Homeland Security announced on February 3, 2022 the formation of a 15 person Cyber Safety Review Board, (the “CSRB”), which will be led by Robert Silvers, the Department of Homeland Security...more