Is HIPAA’s Security Rule Adaptive Enough to Stay Relevant?

With the halt of HIPAA (Health Insurance Portability and Accountability Act of 1996) audits by the Department of Health and Human Services’ Office (HHS) for Civil Rights (OCR), the healthcare industry is seeing a decline of about 2% annually in compliance with HIPAA’s Security Rule (NIST 800-66).  With that, however, has been a rise in […]

It’s a lot easier to get away with bad deeds when the attention isn’t on you… Which is a lesson Zoom is learning right about now,  as the business booms in the wake of the global pandemic. In addition to all the other privacy concerns we outlined in our previous article about Zoom, a recent […]

With the Coronavirus raging, more and more people are working remotely than ever before.  Meaning there are more people using online platforms than ever before to conduct meetings, share work and generally communicate with co-workers than ever before. Unfortunately, that also means more hackers are able to take advantage of employees working from home than […]

While it can be argued that many groups haven’t necessarily had the best reactions to this pandemic that is majorly impacting lives around the globe, one group who deserves serious accolades is the COVID-19 CTI League,  which is a group of 400 cyber security volunteers spanning over 40 countries, who have taken it upon themselves […]

Private data is prone to exposure by an as-yet patched bug in Apple’s most recent iOS 13.4, due to a VPN bypass issue that fails to terminate all connections, thus leaving behind traces of data that are, nonetheless, unprotected. But as Apple works on the patch, researchers recommend users take the following steps to decrease […]

Hackers have wasted no time in exploiting the chaos being wreaked on the world by the Coronavirus by hijacking routers and changing DNS settings to redirect their targets to fake Coronavirus apps and infecting their devices with Oski malware that steals their information.  So far, over 1,000 victims have been reported. Though the scam started […]

Right now, in this time of utter uncertainty, there is a lot of anxiety going around and a lot of questions that just can’t be answered yet: “Can I still work?” “Will I have enough supplies to survive?” “Am I going to be able to keep my home office safe from hackers?” One thing you […]

A disruption to your routine, like social distancing to avoid making a pandemic worse, can be the source of stress and anxiety.  If this is your first time working from home, however,  you should know that there are a lot of benefits!  While the thought of working while your children run around the house may […]

Working from home right now in the early days of a pandemic is the best case scenario for attempting to stop the spread of the Coronavirus.  A lot of people think this is just another flu, but it’s not, and the differences between COVID-19 and the flu or the common cold are important in understanding […]

There are a myriad of reasons not to allow workers to work remotely… From security concerns to productivity issues, it’s hard to give up the ability to monitor what your staff is doing. But there are certain times when it is the only real option you have.  One of the biggest advantages to being able […]

After a year-long study of the US’s cyberdefense abilities, a bipartisan congressional committee has concluded in a 122-page report, that we are not properly prepared for cyberattacks from adversaries, including Russia, N. Korea and Iran and in fact is calling for a complete overhaul of both offensive and defensive cybersecurity actions including, but not limited […]

It’s no coincidence that the maturity levels in the new Cybersecurity Maturity Model Certification (CMMC) are being referred to as levels of “cyber hygiene.”  The World Health Organization (WHO) has been advising us that the most efficient way to protect against the Coronavirus (COVID-19) is to wash our hands regularly for at least 20 seconds […]

What is Breach Fatigue? You know when you are craving a food… Let’s say pepperoni pizza.   You think about it all day.  You dream about it at night.   You’re trying to watch your figure but that warm, stretchy, gooey, deliciousness won’t stop haunting you. So you give in.  You’re going to have “just one slice” […]

By this point, you should hopefully understand that the purpose of the Cybersecurity Maturity Model Certification (CMMC) is to simplify cybersecurity for federal contractors and sub-contractors. Katie Arrington, the DOD’s Chief Information Security Officer for Acquisition and Sustainment, noticed (quite aptly) that “self-certifying” just wasn’t cutting the cake, so to speak.  Hackers were targeting contractors, […]

State Department officials blamed the Russian military intelligence agency’s (GRU) Main Center for Special Technology (GTsST), for cyberattacks targeting the country of Georgia this past October; attacks that not only impacted thousands of websites, but actually disrupted two Georgian networks.  This is the first time the US State Department openly linked the GTsST to Sandworm, […]

Sometimes, government requirements and regulations can make you feel like you are Alice falling down new rabbit holes, trying to figure out just what exactly your business needs to do to win (and keep) your contracts and subcontracts. Do you need to be NIST certified? SP 800-53 or SP 800-171, or both?  What are FARS […]

Beginning today, February 25, 2020, Mozilla will now automatically send all of their US-based customers’ DNS queries to Cloudflare DNS servers, as opposed to the default DNS servers set by their users via their new feature, DNS-over-HTTPS (DoH). DoH executes DNS look-ups over an encrypted server instead of just sending them over plaintext, making it […]

There is a national shortage of cybersecurity specialists, and the former head of the NSA, Mike McConnell, is actively trying to fix that issue. McConnell is a DC professional but is now splitting his time between there and the University of South Florida, in an attempt to fill in this gap of about 500,000 professionals […]

Hackers used a spear-phishing campaign to successfully target an undisclosed natural gas compression facility here in the US, leading to a two-day closure. Their network and data were encrypted with ransomware, which essentially shut down the company’s control and communication abilities. While CISA did not provide many details about the virus involved, it appears that […]

Law firms appear to be the latest black hat hacking trend. No less than FIVE law firms have been breached by cybercriminal group, Maze, in the last four months, and the results have been devastating.  Not only have these criminals STOLEN data, but they’ve also released extremely sensitive protected health information (PHI) from veterans’ pain […]