Chief information security officers are grappling with a variety of issues as they try to keep their campuses safe from cyber criminals. In fact, the No. 1 issue for higher ed IT leaders this year is information security, according to EDUCAUSE, a nonprofit association...
The Department of Defense (DoD) recently announced the development of the ”Cybersecurity Maturity Model Certification” (CMMC), a framework aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (DIB), particularly as it relates to...
A new supplement to the National Institute of Standards and Technology (NIST) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” is on the way. The proposed supplement 800-171B adds 35 new requirements that go alongside...
WannaCry malware hit the news in 2017 when reports of the damaging attack spread through more than 150 countries. The National Health Service in the UK, and FedEx where two of the worst hit organizations, but countless others, including small business, schools, and...
A class action suit is in progress after an estimated 200,000 people had personal data exposed by a hacked server at Casino Rama in Ontario. The breach was made public back in November 2016 when the hacker was able to obtain credentials, access at least two of the...
Auditing and logging are an important part of the HIPAA Security Rule, but the rule contains no specifics on this requirement. According to HIPAA Security Rule – 164.312(b):“Implement hardware, software, and/or procedural mechanisms that record and examine...