When it comes to technology and science, the U.S. Government has a variety of bodies and agencies that help support innovation and promote industry-wide standards. One of the most important…

When it comes to data that cyber criminals are after, defense and military information rank near (if not at) the top of the list. And its not something the U.S.…

Organizations working closely with government entities, such as the U.S. military, often handle sensitive information, including Controlled Unclassified Information (CUI). For national security, it’s critical to manage CUI properly, including…

As digital connectivity grows between healthcare providers and patients, concerns about data privacy and secure access to medical records are front and center. Today’s patients, especially younger generations, expect both…

One of the primary goals of cyberdefense programs is identifying, preventing, and mitigating attacks. The best way to do this is with targeted programs, such as penetration and intrusion testing,…

SSAE 18 is a set of standards governing service organizations’ security practices. It’s used to identify and manage risks involved in handling consumer data. Many organizations need to showcase compliance…

If your business operates in healthcare, or even supports the industry indirectly, you may be required to meet the HIPAA Security Risk standards outlined in the Health Insurance Portability and…

Protecting patient data is at the core of HIPAA Security compliance. Every organization handling protected health information (PHI), whether directly in healthcare or as a business associate, must regularly test…

Patients’ medical records are some of the most attractive targets for theft. The US Department of Health and Human Services (HHS) designated them as protected health information (PHI) in the…

Some regulatory frameworks explicitly require penetration testing from eligible parties. But even those that don’t require it outright may still have other mandates that would be met or exceeded efficiently…