New NIST Requirements Increase Cyber Security Controls
A new supplement to the National Institute of Standards and Technology (NIST) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” is on the way. The proposed supplement 800-171B adds 35 new requirements that go alongside...
Poorly Written Ransomware Still Infects Unpatched Systems
WannaCry malware hit the news in 2017 when reports of the damaging attack spread through more than 150 countries. The National Health Service in the UK, and FedEx where two of the worst hit organizations, but countless others, including small business, schools, and...
4 common cyber issues that spawned a $60 million class-action lawsuit
A class action suit is in progress after an estimated 200,000 people had personal data exposed by a hacked server at Casino Rama in Ontario. The breach was made public back in November 2016 when the hacker was able to obtain credentials, access at least two of the...
Auditing and logging for HIPAA
Auditing and logging are an important part of the HIPAA Security Rule, but the rule contains no specifics on this requirement. According to HIPAA Security Rule – 164.312(b):“Implement hardware, software, and/or procedural mechanisms that record and examine...