On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…
Tag: cyber incident response
FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a Joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. On March 16, 2023, they…
OCR Releases Video Guidance on Recognized Security Practices for National Cybersecurity Awareness Month
On October 31, 2022, the U.S. Department of Health and Human Services Office of Civil Rights provided guidance titled OCR Releases New Recognized Security Practices Video. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for all organizations — healthcare and non-healthcare…
OCR Guidance on HIPAA Security Rule Security Incident Procedures for National Cybersecurity Awareness Month
On October 25, 2022, the U.S. Department of Health and Human Services Office of Civil Rights in its October 2022 OCR Cybersecurity Newsletter provided guidance titled HIPAA Security Rule Security Incident Procedures. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…
Security Incidents and Your Board Pt.3 – The Above Board Show
“Data is the hot potato!” – Shawn Tuma It was great to be a guest on The Above Board Show hosted by my friends Gary Latham, Raf Los, and Grant Sewell where we discussed what “The Board” needs to know about security incidents and getting prepared for the worst day ever for the company. The…
Cyber Incident Response Preparation and Your Board Pt.2 – The Above Board Show
“Amateurs talk about strategy and tactics. Professionals study logistics.” – General Omar Bradley It was great to be a guest on The Above Board Show hosted by my friends Raf Los and Grant Sewell where we discussed what “The Board” needs to know about security incidents and getting prepared for the worst day ever for…
Security Incidents and Your Board Pt.1 – The Above Board Show
It was great to be a guest on The Above Board Show hosted by my friends Raf Los and Gary Latham where we discussed what “The Board” needs to know about security incidents and getting prepared for the worst day ever for the company. The video linked below was part 1 of a 3 part…
Cyber Insurance Fact vs Fiction (i.e., dispelling the myths!): #DtSR Podcast Episode 454 with Sean Scranton & Raf Los
My friend and cyber insurance underwriter guru Sean Scranton and I were guests on the Down the Security Rabbithole Podcast with Raf Los for episode 454, Cyber Insurance Fact vs Fiction. It is always fun to join the #DtSR Podcast and this time was no disappointment! In Episode 454 we discuss all things cyber insurance from…
StopRansomware.gov – the U.S. Government’s One-Stop Resource for Ransomware
The U.S. Government has launched a new resource to help combat the ransomware pandemic. Below is the relevant information it has shared: The U.S. Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources…
Ransomware! What is it and how do you better protect against it?
Just as one pandemic — COVID-19 — seems to be winding down, another — THE RANSOMWARE PANDEMIC — is now wreaking havoc on our society with full force. Critical Information You Need to Help Better Protect Your Practice and Your Clients From Ransomware, my article in the July 2021 Texas Bar Journal, attempts to provide…
You must be logged in to post a comment.