The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.
In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocket book? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.
Previously, school districts dealt with securing their systems at both the district and school level. But now, teaching, learning and working are all happening at home simultaneously. It’s messy, far more complicated, and gives our cyber and IT teams significantly less control over networks and security than there was when traditional in-school learning was the norm. It’s especially crucial we keep our security measures tight, even if it feels like an uphill battle.
To get buy in from the entire organization on your role as a security professional, share these basic elements of an effective cybersecurity strategy with the rest of the C-suite.
Why are CISOs constrained from delivering metrics at scale and why is producing good security metrics so difficult? Here, find out what the five stages of security metrics maturity are, and how you can achieve a mature security metrics program.
As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.
Threat Intelligence (TI) analysts are one of the key groups of experts in Security Operation Centers (SOCs) and play an important role in making sure IT systems are functioning properly. They are in charge of identifying attack vectors that most threaten the organization, define their company’s defensive strategy and help other team members make informed decisions about potential threats. However, handling such a vast amount of responsibilities, data and managing repetitive tasks is the exact type of work that makes TI employees prone to burnout.
The health, safety and security challenges that business owners and managers have faced in 2020 have made one thing very clear: COVID-19 has acted as a catalyst for a flurry of investments designed to spur the reopening of retail stores, commercial office space and public venues. Such investments don’t need to be singularly focused on opening the doors, but instead can be part of a more sustainable solution that can offer long-term value and flexibility that can be applied to a variety of situations.
This is where smart security cameras connected to the IoT can help.
Currently, cryptographic algorithms are based on factorization. RSA and Elliptic Curve Cryptography (ECC) algorithms are difficult to solve using traditional binary computers because the computer is forced to work through an incomprehensibly long list of probabilities. A traditional binary computer solves that mathematical problem slowly, whereas a quantum computer with an efficient algorithm can solve that problem much more quickly. Maybe a million times faster!
The novel coronavirus has forever changed how and where we work. As many organizations adopt new solutions and collaboration tools (e.g., Microsoft Teams, Slack or Zoom) to accommodate employees and customers during this critical period, such fast-paced digital transformation has also exposed several shortcomings associated with our remote workforce’s home networks and routers.