Four Chicago-area cybersecurity experts shared their thoughts with Crain’s Custom Media on this ever-changing landscape, including what organizations can do to keep their workplaces, employees and customers safe. Read the discussion.
NIST Cyber Security Risk Management Conference – Reasonable Risk. Our partner, Chris Cronin, will be speaking with Phyllis Lee of the CIS (Center for Internet Security).
CAMPIT: Enterprise Risk / Security Management Conference. Join us at this one-day conference, where attendees will be provided with examples of approaches to managing information and compliance risk through a risk management framework.
Who is Responsible for a Data Breach. “While accountability starts with the CEO and corporate board, cybersecurity is a shared responsibility across every function and level of an organization.”
Healthcare and Data Breaches.
VULNERABILITY N+1. AUTHOR: Terry Kurzynski, CISSP, CISA, PCI QSA, ISO 27001 AUDITOR. As Americans, we love lists. That fact is self-evident when browsing our favorite blog sites, as many blogs start out with catchy headlines like, “The Top 5 ______ (fill in the blank).” The love of lists is rooted deeply in our culture. We loved the […]
HALOCK is deep in the regulatory compliance and security field, so we sometimes take for granted that words common to us, like “HIPAA,” are still not clearly understood. So let’s take a moment to lay out the basics of HIPAA. For deeper coverage into the HIPAA Security Rule, take the “master class” here.
REDUCING RISKS THROUGH COMPENSATION. Has your organization been struggling to achieve its compliance goals? Whether your organization is new to risk management or you’ve been struggling with compliance for some time, making compliance a part of every employee’s compensation plan is a smart strategy. This can get everyone in your organization thinking about information security […]
Author: Chris Cronin, ISO 27001 Auditor. The Third Circuit Court of Appeals announced on Monday, August 24, 2015, that the Federal Trade Commission is acting within its authority when it takes action against companies for poor data security practices. Take heed. You may be doing exactly what the FTC is complaining about.