Tag: Incident Response Plan

HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework

On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…

Read More

OCR Releases Video Guidance on Recognized Security Practices for National Cybersecurity Awareness Month

On October 31, 2022, the U.S. Department of Health and Human Services Office of Civil Rights provided guidance titled OCR Releases New Recognized Security Practices Video. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for all organizations — healthcare and non-healthcare…

Read More

OCR Guidance on HIPAA Security Rule Security Incident Procedures for National Cybersecurity Awareness Month

On October 25, 2022, the U.S. Department of Health and Human Services Office of Civil Rights in its October 2022 OCR Cybersecurity Newsletter provided guidance titled HIPAA Security Rule Security Incident Procedures. This guidance is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…

Read More

Ransomware Attacks! The 5 Best Practices the White House Urges all Businesses to Take to Mitigate Them

The threat of ransomware attacks against all American businesses is so great that on June 2, 2021, the White House issued a memo to all corporate executives and business leaders with the subject “What We Urge You To Do To Protect Against The Threat of Ransomware.” This is the first time such a memo has ever been…

Read More

Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle

THIS IS NOW AVAILABLE VIA DOWNLOAD FOR FREE: Join me for SecureWorld‘s #SecureWorldVirtual Central on May 6 as I’ll be presenting the Keynote on Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle. Register here with promo code SWVCSOC for *FREE* registration: https://lnkd.in/dzREw4A Here are the slides and the audio podcast of the presentation.

Read More

Nearly half of all businesses hit by cyber attacks in 2020 — 3 steps to help prepare your business

43% of businesses in the United States and Europe were hit with a cyber attack in 2020, an increase of 5% from 2019 which was 38%, according to Hiscox’s Cyber Readiness Report.  Businesses cannot ignore this threat and must face it head-on. All businesses should now have an operational and maturing cyber risk management program…

Read More

***URGENT*** MEMO TO: “The IT Guy” RE: Securing RDP Access–Changing the RDP Port Does Not Work!

***URGENT MEMORANDUM*** TO:   “The IT Guy” FROM:   Your clients’ Incident Response Coach SUBJECT:   Securing RDP Access–Changing the RDP Port Does Not Work! This Memo comes out of necessity, please take it seriously. I have now lost track of how many times over the past couple of months I have been on “scoping calls” with a…

Read More

2 Critical Cyber Insurance Issues All Companies Must Consider Now, Before an Incident!

There are two critical cyber insurance issues that every single company must understand right now, before they have an incident:  In today’s environment, every company has substantial cyber risk and every company needs cyber insurance. Period. Cyber insurance is not covered by typical business insurance and companies must have the right cyber insurance for their…

Read More

Two Cyber Insurance Issues Service Providers Should Discuss with Their Clients

If you are a service provider, there are two things about cyber insurance that you should discuss with your clients and make sure they understand. Watch this 2 minute video to better understand why: So, what are those two things? In today’s environment, every company has substantial cyber risk and every company needs cyber insurance….

Read More
%d bloggers like this: