HIPAA and Internal Security Controls

Jul 6, 2023 Continuum GRC 0 Comment

In June 2023, the US. The Department of Health and Human Services (HHS) reached an agreement with Yakima Valley Memorial Hospital over a significant breach of privacy and security rules. Specifically, HHS found that several security guards had inappropriately accessed the private records of up to 419 patients.

This settlement demonstrated administrative and internal security is essential to Covered Entities and Business Associates. We will discuss these controls and what they mean for HIPAA-regulated organizations.

NIST and the Industrial Internet of Things

Jun 28, 2023 Continuum GRC 0 Comment

From the comfort of smart homes and the convenience of wearable devices to the intelligent operations of manufacturing systems and the functionality of smart cities, the Internet of Things (IoT) serves as the connective tissue of a digitally unified world. While a hallmark of modern innovation, this proliferation of interconnectivity also introduces a multifaceted set of cybersecurity challenges that necessitate vigilant attention and robust countermeasures.

Leading the charge to secure this interconnected world, the National Institute of Standards and Technology (NIST), a global frontrunner in defining standards, has crafted extensive guidelines to mitigate cybersecurity risks. This article will illuminate the pervasive influence of IoT across industrial and manufacturing contexts, focusing on Industrial IoT (or IIoT). Further, it will dissect these crucial NIST documents, translating their intricate technical specifics into understandable insights.

What Are the Biggest Challenges to Cybersecurity in 2023?

Jun 21, 2023 Continuum GRC 0 Comment

As we navigate through 2023, the digital frontier continues to expand, bringing forth numerous novel opportunities and, regrettably, a myriad of cybersecurity threats. These cyber threats are not simply an IT concern; they have profound implications for business continuity, customer trust, and national security.

Understanding these risks and their evolution is the first step in mounting an effective defense. This article will explore the most significant cybersecurity threats organizations face in 2023, providing insights into their nature, their potential impacts, and the steps you can take to safeguard against them.