Compliance with the Health Insurance and Portability Act (HIPAA) initially appears to apply only to the healthcare industry. However, HIPAA also requires healthcare provider business associates to maintain security and privacy controls over protected health information (PHI) and electronic PHI (ePHI). For payer organizations, this requirement means aligning data security protections to HIPAA.
Cybersecurity has three pillars of people, process, and technology. Enterprises have historically had a skewed focus towards the technology aspect of cyber security - installing another endpoint agent, or deploying another network monitoring device designed to seek out anomalys behaviour.
In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability.
Tigera is excited to announce several new capabilities with Tigera Secure Enterprise Edition 2.3, extending the ability to uncover sophisticated Kubernetes attacks. Tigera Anomaly Detection capabilities provide insight into unusual behaviors that compromise the security and performance of Kubernetes environments.
Over the past many years, cyber threats have become greater in frequency and more sophisticated than ever. Current security mechanisms are based on traditional reactive approaches such as antivirus programs and firewalls who react once the incident has occurred. Under such circumstances, intruders have a chance to compromise your network either partially or entirely.
In the original Star Trek episode “The Trouble with Tribbles,” an unscrupulous merchant, Cyrano Jones, gives a small furry animal called a Tribble to communications officer Uhura. Uhura takes the Tribble aboard the Starship Enterprise where the animal begins to quickly reproduce, thereby threatening to overrun the ship and cause significant damage.
With more colleges and universities incorporating Software-as-a-Service (SaaS) platforms to enable registrars, admissions, and financial aid offices, they are collecting more electronic student information. Couple that with weak networks and systems, and the state of cybersecurity in higher education earns an F. To remain solvent in an era of continued student recidivism, higher education needs to focus more efforts on protecting this information from cybercriminals.
In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices.
Having covered the start-up vs corporate question before, we thought we would look into which industry is currently most at risk of cyber attack. According to the Wikipedia entry ‘list of data breaches’, which contains a list of data breaches (spoilers), out of 255 data breaches over the last 15 years, historically, the hardest hit industry was ‘web’.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. My heart goes out to a victim of a hack this week, an email provider who lost the lot. OK, how the guys got in leads to some questions, however the total, wilful destruction is heart breaking.
