HIPAA is a core cybersecurity framework for patients and healthcare providers in the U.S. Unfortunately, a new report from the OCR shows an increase in significant events and a lack of resources to follow up on critical compliance issues.
We’re covering some of this report and the underlying HIPAA requirements reflected in it.
While typically not mandatory outside financial sectors, SOC 2 is a reliable security compliance model that any organization can follow. This can be seen in its security assessments, which include a robust list of “Common Criteria,” or broad areas of focus that any secure organization should follow. The recent revision of these criteria in 2023 serves businesses and their security partners to have a handle on what they are and what they mean for security.
This article will cover the SOC 2 Security Common Criteria in detail and discuss what they mean for your organization and attestation.
The ongoing rise of state-sponsored Advanced Persistent Threats (APTs) has increased scrutiny of federal and state IT systems security systems. The latest version of CMMC includes a high-maturity level specifically designed to address these threats, which relies primarily on advanced security controls listed in NIST Special Publication 800-172.