The Essentials of Cyber Security Planning

Cyber Security Planning Levels

This article discusses some of the levels of systems planning for almost any  business for protection from security breaches. Planning should include focus on these topics.

  • Identify – Who is accessing the network resources
  • Protect – How much access is given to each network resource
  • Detect – Systems that identify unexpected or un-identify access to the network
  • Respond – Once a breach is detected, how the company teams will respond
  • Recover – If there is loss after the breach, how will the company resolve the loss
Topics: Security Cybersecurity

The Cyber Awareness Conference - What You May Have Missed

I recently attended the Cybersecurity Awareness Conference, sponsored by the Small Business Development Center (SBDC). In this conference, cybersecurity issues were covered. Some of the cybersecuirty experts who presented includ:

Topics: Cybersecurity

Three Basic Cyber Security Principles for Business

There is a myth that cyber security is too complex for the average, non-technical, business leader to understand.  In this article, we’ll be disputing that myth.  

If you are a CEO, doctor or technical expert, here are three basic principles that every cyber security expert will be following to secure your systems.

Topics: Cybersecurity

Top Banking Security Concerns

In regards to new technology, fraud and cyber security, there are recent concerns around hacking impact on the 2016 elections, data security in banking and many other regulated industries.  Besides driving growth and profitability, the top challenges in banking includes managing risk around;

Topics: Cybersecurity Bank Security

DMZ basics: Cyber Security

 

A DMZ (or De-Militarized Zone harkening back to the Korean War) is a physical security design for connecting a trusted network to an untrusted network.  In a DMZ the physical work is done by routers utilizing security rules.  The idea is that anyone trying to penetrate a trusted network would need to first circumnavigate the DMZ hardware to enter the private trusted network.  At the same time, the trusted network needed to be able to access network resources stored in the DMZ subnet.  The DMZ became one of the first network architectures to guard a private network.

Topics: Cybersecurity

Federal Requirements Say Contractors Must Safeguard Systems

Federal Requirements Say Contractors Must Safeguard Systems. Do you contract with the federal governmen? It's important to stay up-to-date with the latest Federal Acquisition Regulations (FAR) to stay competitive and continue to win contracts. 

One of the more recent updates may require your business to take additional actions to update the way you store and transmit information related to federal contracts.

Topics: Legal Cybersecurity

HIPAA Compliance: The Team

The compliant HIPAA organization, is it a myth or a reality? In this article, I wanted to cover, at a high level, what you need to know if you manage or own a medical facility. As of December of 2016, there have been over 150,500 HIPAA complaints against medical facilities in the US.  With each complaint there are typically a multitude of other violations and patients who are unhappy because they believe regulations were not followed.

2016 was the biggest yet for monetary settlements under the Health Insurance Portability and Accountability Act’s (HIPAA) privacy and security rules and it is said that 2017 is keeping pace. The U.S. Department of Health and Human Services (HHS) announced 12 such settlements in 2016, averaging nearly $2 million.

Topics: IT Project Leadership Leadership HIPAA Medical Security Cybersecurity

HIPAA Compliance: Why

HIPAA compliance enforcement and how to avoid mistakes

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law enacted in 1996.  The HIPAA privacy rule is a set of standards to protect the patient health information.  The privacy rules were required for medical entities by September of 2004 and their business associates by 2013. 

Topics: Security HIPAA Legal Medical Security Cybersecurity