As organizations have navigated their way through return to office scenarios, there are a number of new employee expectations and employer considerations to think through. Rather than only focusing on the point-in-time circumstances of "secure work-from-home" operations, many organizations are considering a proactive...
As organizations break away from traditional network-based security concepts, where zones are delegated "trusted" or "untrusted," to people-centric security models like Zero Trust, identity is becoming intrinsically linked to security. In fact, identity data can help security teams determine whether users or...
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
When it comes to a breach and exposed data, a Digital Risk Protection program represents a way to reduce the potential damage. Tyler Carbone of Terbium Labs outlines the essential elements and use cases of a mature DRP program.
Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.
In 2019, Alpine Capital Bank wanted to quickly understand its state of cyber maturity and quantify the potential impact of priority cyber risks. Management's goal was to calculate its financial exposure and improve cyber posture based on the findings. Alpine turned to Axio for a solution.
Download this case study...
As Universal Health Services continues to recover from an apparent ransomware incident last weekend that affected system access for hundreds of its facilities, security experts say others can learn important lessons from the company's experience.
Operational and cyber risk teams at financial institutions often face cyber resiliency challenges due to the complex, highly interdependent nature of their application environments. With zero-downtime applications and critical dependencies extending across new and old infrastructure, it's more difficult than ever for...
Premera Blue Cross has agreed to pay a $6.85 million fine, the second largest HIPAA settlement ever announced by federal regulators. The case stems from a 2014 breach, which went undetected for nine months and exposed the information of 10.4 million individuals
Companies that measure cyber
risk using "high, medium, low,"
or "red, yellow, green" have
essentially no visibility into their
real financial exposure.
Such qualitative approaches do not
give CEOs the information they need
to know how and where to invest to
minimize their risk effectively.
As cyber events continue to increase in volume, frequency, and impact,
protecting your organization must be a top priority. To optimize your company's
preparedness to address cyber risks, you need industry guidelines to drive
your cybersecurity program forward, using an assessment against guidelines
Reporting Cyber Risk is More than
a Traffic Light
Using "high, medium, low" or "red, yellow,
green" to measure cyber risk is not enough.
This method is outdated, unreliable and
insufficient. CEOs and other C-Suite
executives require an approach that helps
them decide which cyber controls -...
As technological presence expands in organizations, the risk of cyber events will continue to increase.
Cyber risk management should be treated as a top priority. Organizations often use assessments to
capture a snapshot in time, but it can be used for much more. Assessments can provide organizations
Federal regulators have announced a $1.5 million HIPAA settlement with a Georgia orthopedic clinic stemming from a 2016 breach involving The Dark Overlord hacking group. The case serves as a warning of the potentially hefty cost of failure to implement a comprehensive HIPAA compliance program.