Mandiant: Organizations Are Not Getting the Maximum ROI from Threat Intelligence

The threat intelligence provider, Mandiant, says almost all cybersecurity leaders are happy with the threat intelligence they are consuming, but that intelligence is not always considered when they develop their cyber strategies and make purchasing decisions. The failure to effectively use threat intelligence data prevents organizations from getting the maximum ROI on their investment and… Read More »

Healthcare Organizations Most Common Victims in 3rd Party Data Breaches

Cyberattacks on business associates of healthcare organizations have increased to the point where attacks on business associates now outnumber attacks on healthcare providers. In addition to an increase in cyberattacks on third-party suppliers, the impact and destruction caused by those attacks have also increased, according to a recent report from the vendor risk management company,… Read More »

Another Lawsuit Filed Against Connexin Software Over 2.2 Million-Record Data Breach

Another lawsuit has been filed against Connexin Software over its August 2022 ransomware attack and data breach, which affected more than 2.2 million individuals. Connexin Software does business as Office Practicum and is a provider of electronic medical records and practice management software for pediatric practices. On August 26, 2022, Connexin discovered hackers had gained access… Read More »

Democratic Senators Propose Update to HIPAA to Ban Abortion-Related PHI Disclosures Without Patient Consent

Two Democratic U.S. Senators – Michael Bennett (D-CO) and Mazie Hirono (D-HI) – have introduced a bill that seeks to strengthen the privacy protections of the Health Insurance Portability and Accountability Act (HIPAA) for individuals seeking access to abortion care. The bill – The Secure Access for Essential Reproductive (SAFER) Health Act – was prompted by… Read More »

Editorial: The Three Pillars of HIPAA Compliance

Achieving compliance with the Rules of the Health Insurance Portability and Accountability Act (HIPAA) can be a challenge for healthcare organizations and their business associates. The HIPAA Rules were developed to cover healthcare organizations of different types and sizes, so the Rules needed to be flexible to accommodate this diversity. They also needed to be… Read More »

Warning Issued About North Korean Ransomware Attacks on Healthcare Organizations

A joint cybersecurity advisory has been issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Department of Health and Human Services (HHS), and the Republic of Korea’s Defense Security Agency and National Intelligence Service warning of state-sponsored North Korean (DPRK) ransomware attacks on U.S. critical… Read More »