HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework

On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for …

FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a Joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. On March 16, 2023, they …

Boston Area Friends – Join me for the lunch keynote at SecureWorld Boston on March 23!

I am super excited to share that next week I will be headed to Boston to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Thursday, March 23, 2023, I will present the lunch keynote on Cybersecurity Really Is a Team Sport, since folks …

The White House Cybersecurity Plan – the Devil is in the Details

“The devil is in the details” — that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our discussion in her Wired article The High-Stakes Blame Game in the White House Cybersecurity Plan. I appreciate that the Administration is talking …

Charlotte, NC Area Friends – Join me at SecureWorld Charlotte on March 1 & 2!

I am super excited to share that next week I will be headed to Charlotte, North Carolina, to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Wednesday, March 1, 2023, I will be leading a full-day workshop for SecureWorld Plus registrants on …

OCR Releases Video Guidance on Recognized Security Practices for National Cybersecurity Awareness Month

On October 31, 2022, the U.S. Department of Health and Human Services Office of Civil Rights provided guidance titled OCR Releases New Recognized Security Practices Video. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for all organizations — healthcare and non-healthcare …

OCR Guidance on HIPAA Security Rule Security Incident Procedures for National Cybersecurity Awareness Month

On October 25, 2022, the U.S. Department of Health and Human Services Office of Civil Rights in its October 2022 OCR Cybersecurity Newsletter provided guidance titled HIPAA Security Rule Security Incident Procedures. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for …

The INSIDERS Podcast – Cybersecurity with Shawn Tuma

It was a great experience to record The INSIDERS Ep 19 – Cybersecurity with Shawn Tuma podcast with Sandy Hibbard Creative, thanks for having me on! In this episode, we discussed these issues, and the full show is listed below that: “Security is hard, it will take work and commitment. Cyber crime can and will …

Ransomware Attacks! The 5 Best Practices the White House Urges all Businesses to Take to Mitigate Them

The threat of ransomware attacks against all American businesses is so great that on June 2, 2021, the White House issued a memo to all corporate executives and business leaders with the subject “What We Urge You To Do To Protect Against The Threat of Ransomware.” This is the first time such a memo has ever been …

Working From Home During COVID-19? Five Things You Should be Doing–But Probably Are Not–To Be More Cyber Secure (publication)

Many thanks to the Texas Bar Journal for publishing my recent article, Working From Home During COVID-19? Five Things You Should be Doing–But Probably Are Not–To Be More Cyber Secure, in the Cybersecurity Issue: Without an understanding of the particular organization or the unique risks it faces, it is impossible to know what is best or …