InfoSec Challenges for CISOs, CTOs and CIOs - BizzSecure

InfoSec Challenges for CISOs, CTOs and CIOs

Top Five Tips for HIPAA Risk Assessment

Dynamic technological development has made IT security a matter of paramount importance and concern to all companies in the healthcare sector, which has seen large-scale data breaches worryingly often in recent times. Forbes reports the exposure of a staggering 4.1 billion compromised records due to data breaches in the first half of 2019. Such data breaches cost the healthcare sector $6.5 million on average, a...

Top Five Tips to be HIPAA Compliant

HIPAA guidelines are one of the crucial standards that should be followed by all organizations involved in handling Patient Health Information (PHI). HIPAA guidelines ensure protection of PHI against security breaches by malicious parties. In spite of being such an essential standard, it has been observed that most organizations find it difficult to become HIPAA compliant. There are several reasons for this. For starters, policy writing...

Design Information Security Policies for HIPAA

Information Security plays a crucial role in HIPAA compliance. Along with ensuring portability of insurance data, the HIPAA policies also require organizations dealing with personal health information (PHI) data to ensure that proper information security practices are being carried out across the organization. This is of vital importance as it guarantees the safety and security of patient data and medical information pertaining to multifarious health...

Non-Compliance_FS

Organizations of all sizes must constantly walk the knife edge between compliance and non-compliance. The requirements to adhere to compliance frameworks (ISO, PCI, HIPAA, GDPR, among others) are pitted against the human desire to take shortcuts: I’m only getting something off of the printer across the room, I don’t really need to secure my workstation before stepping away for 10 seconds. I wrote my password on a...

GRC Tools and Its Importance

Wondering how you can mitigate risks, improve organizational efficiency, and implement a common governance policy across your organization? The answer is simple: GRC. Governance, Risk management, and Compliance (GRC) is a core framework that any organization must follow to manage its business operations, including IT operations that are subject to compliance regulations. Every business or organization needs a GRC strategy. Consider GRC as the glue that...


This is a continuation from my previous post. I had left off with organizing and remediating critical vulnerabilities. Now I will go over some more, specific examples related to compliance and privacy. Expel Local Administrator Rights from Employee Devices If any employee has local administrator rights on their device, they can be deceived into downloading applications from malicious websites or opening malicious email attachments. Enforce corporate policies...


Building Blocks of a Robust and Safe Organization While a strong connection with publishers and users of a service or solution is a must, every organization should also take extensive measures to deal with privacy management, as rapid advancements in technology have brought about new challenges to the protection of personal data. While taking these measures would build a certain robustness in the organization, another important aspect...

Security Compliance Management

Introduction For those who run a business, customer service, satisfaction and increasing profits are most important. One of the last things on their mind is meeting the requirements set by the government when it comes to Information Security regulations. However, ignoring these regulations can be an expensive mistake resulting in fines ranging into the millions of dollars. Here is where compliance management comes into play. It...

Dealing with Challenging Security Compliances

With the rapid proliferation of information regulations such as GDPR, PCI DSS, HIPAA, GLBA, FISMA, SOX, and SSAE16, information security compliance has never been more crucial. The task of complying and proving compliance is becoming daunting as requirements are changing while many organizations’ expertise and financial base remain static. At the same time, the cost of not complying is now unbearable, leaving CISOs and security...

The Role of the Board and Senior Management in Developing a Cyber Security Strategy

The financial sector is one of the most critical cyber infrastructures of the United States according to the Dept. of Homeland Security, and therefore a multi-prong approach should be employed to secure critical resources within the financial services industry. Developing and implementing an effective cybersecurity strategy is critical to meeting business objectives since cybersecurity has become a boardroom agenda and needs to be approached as...
