Ultimate Security: Data Breach Prevention in 2023

Jul 12, 2023 Continuum GRC 0 Comment

According to a recent report by IT Governance, there were over 70 data breaches in June 2023 alone–accounting for compromising over 14 million data records. Once these records are out in the open, they are often sold on the dark web. Following that, it’s just a matter of time before hackers can use this data to breach accounts and hack into larger systems.

Unfortunately, data breaches can happen through several attacks–social engineering, identity compromise, or direct threats to applications and infrastructure.

Here, we will talk about what it means to stay ahead of potential data breaches. It takes a comprehensive approach to threat detection and prevention across several levels of security, none of which are more or less important than the other.

HIPAA and Internal Security Controls

Jul 6, 2023 Continuum GRC 0 Comment

In June 2023, the US. The Department of Health and Human Services (HHS) reached an agreement with Yakima Valley Memorial Hospital over a significant breach of privacy and security rules. Specifically, HHS found that several security guards had inappropriately accessed the private records of up to 419 patients.

This settlement demonstrated administrative and internal security is essential to Covered Entities and Business Associates. We will discuss these controls and what they mean for HIPAA-regulated organizations.

NIST and the Industrial Internet of Things

Jun 28, 2023 Continuum GRC 0 Comment

From the comfort of smart homes and the convenience of wearable devices to the intelligent operations of manufacturing systems and the functionality of smart cities, the Internet of Things (IoT) serves as the connective tissue of a digitally unified world. While a hallmark of modern innovation, this proliferation of interconnectivity also introduces a multifaceted set of cybersecurity challenges that necessitate vigilant attention and robust countermeasures.

Leading the charge to secure this interconnected world, the National Institute of Standards and Technology (NIST), a global frontrunner in defining standards, has crafted extensive guidelines to mitigate cybersecurity risks. This article will illuminate the pervasive influence of IoT across industrial and manufacturing contexts, focusing on Industrial IoT (or IIoT). Further, it will dissect these crucial NIST documents, translating their intricate technical specifics into understandable insights.