Exploring the risky business of cyber insurance and IT services contracts

In my time as a security consultant and managed services provider, I've seen some questionable behavior and attitudes. Prime among them is the common belief in the business community that indemnity offered by cyber insurance and contracts replaces prudent actions [...]

Exploring the risky business of cyber insurance and IT services contracts2020-04-29T22:43:11-07:00

Internet Security Threat Report 2013

Creating successful targeted attacks requires attackers to learn about us. They will research our email addresses, our job, our professional interests, and even the conferences we attend and the websites we frequent. All of this information is compiled to launch a successful targeted attack. Once on our devices, the attacker’s tools are designed to pull as much data as possible. Undiscovered targeted attacks can collect years of our email, files, and contact information.

Internet Security Threat Report 20132023-08-10T23:39:28-07:00

Don’t Serve as a HIPAA/HITECH Wall of Shame Warning to Others

There are easy ways to stay off of the Healthcare “Wall of Shame.” One of the most effective ways is to encrypt the hard drives on your mobile devices, PCs and servers. We have recently developed a solution to encrypt [...]

Don’t Serve as a HIPAA/HITECH Wall of Shame Warning to Others2023-08-10T23:47:05-07:00

1.7 Million Patient Records In Massive Data Heist At NYC Hospitals

All I can say is “WOW!” I wonder how much this is going to cost the hospitals. How much damage is done to their reputation? What kind of government settlement, oversight and years of scrutiny will this cost the hospitals when the regulatory agencies are done negotiating with them on penalties and remediation?

Here is the gist of the story:

Thieves made off with the personal health records of an estimated 1.7 million New Yorkers' when they stole backup tapes from four Bronx hospitals In December. According to statement issued by the 14-hospital system on Feb. 11, computer backup tapes were stolen containg the records. The report came just days after the New York City Health and Hospitals Corporation began notifying victims Feb. 9. While it took HHC nearly two months before reporting the data breach, it was well within the 60-day period required by New York state law.

1.7 Million Patient Records In Massive Data Heist At NYC Hospitals2019-04-09T00:25:53-07:00