White Papers in Standards, Regulations & Compliance

A New Way to Handle Cyber Claims: Adopting a Project Management Approach

There is a lot to say about the disorganized way most cyber incident claims are currently handled. Instead, adopting a project management approach will make better use of resources and lead to several benefits. To this point, many incidents have traditionally been handled with a "lawyer-heavy" approach, but the...

What GDPR Means for Cybersecurity

We all know that May 25 was the enforcement deadline for Europe's General Data Protection Regulation. But what impact will General Data Protection Regulation have on cybersecurity programs? GDPR, or the "Y2K" of our era, is part of a larger conversation that's been catalyzed by a lot of the recent news around...

Enabling Government for Modernized IT

The U.S. Federal Government wants its agencies to modernize their IT systems, primarily by maximizing the use of cloud platforms. But IT teams are finding this transformation challenging. Investing in IT modernization can lead to more agility, improved resilience and security and, in the long term, better citizen...

Digital Transformation: Better Ops, Agile Apps, Faster Business

The technologies and processes that businesses deploy today are so tightly linked to their customers and markets that the boundary between the company's internal operations and external ecosystem (i.e., customers, markets, competitors, partners, regulators) is rapidly disappearing. Business leaders are ...

Demonstrating HIPAA Compliance

At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...

Cybersecurity: One of Healthcare's Leading Business Risks of 2018

CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...

Research Finds Only 45% Compliance with NIST CSF Controls

CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...

The Convergence of Healthcare Innovation and Compliance

With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? This whitepaper discusses healthcare's complex convergence of innovation and compliance. While this is a very...

GDPR From a North American Perspective

GDPR is relevant to all organizations that collect and store personal data on EU individuals such as health data, email addresses, photographs, biometrics, national identity numbers; essentially any information about an individual that is collected and/or stored in such a way that it can be tied back to that...

Take Inventory of Your Medical Device Security Risks

With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...

Modernizing Malware Security with Cloud Sandboxing in the Public Sector

For public sector technology leaders evaluating technologies to combat malware attacks, this report offers important considerations for deploying cloud-based security. Ransomware and other data security threats are a serious concern for any organization, but the stakes are higher and the risks are greater for...

How to Build a SOC with Limited Resources

For public sector agencies caught between the prohibitive cost of a formal security operations center (SOC) and the wholly inadequate protection from an informal SOC, there is a solution: building a SOC that automates as much of the work as possible. Download this whitepaper and learn: How automation can help a...

Risk Management Framework: Assessing and Monitoring NIST 800-53 Controls for DoD

In 2014, the Department of Defense (DoD) issued instructions that replaced DoD Information Assurance Certification and Accreditation Process (DIACAP) with the Risk Management Framework (RMF). The RMF is designed to be managed as a continual process as the risk posture evolves over time for each information...

Federal Agencies Tech Brief: Security Investigation, Detection and Rapid Response

The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...

Modernizing Government IT: User Identity and Access Management

Government agencies face unique technology challenges in today's world, including complex legacy IT systems, antiquated processes and a prohibitive legislative budgeting cycle. Because of these challenges, many agencies are looking for creative new approaches to overcome the obstacles preventing adoption of the latest...