Smaller businesses naively assume that nefarious rogue elements only target larger corporations. While cyberattacks on large companies may make headlines, it is the smaller businesses that are mostly targeted by cybercriminals. According to a 2022 study, a staggering 58% of small companies in the UK have no cybersecurity plan in place. Besides the lack of knowledge, the […]
Read More
eSince its introduction, the General Data Protection Regulation (GDPR) has set a precedent for an undeterred approach to data privacy and protection. As a result, it has instilled fear among organizations of all sizes worldwide. Not complying with GDPR can lead to harsh fines or regulatory action. Let’s take a closer look at everything your […]
Read More
For healthcare organizations, a cyberattack is not just a security issue but the beginning of a slew of financial and criminal penalties under the Health Insurance Portability and Accountability Act (HIPAA). With the veritable treasure trove of data they collect, healthcare providers and hospitals have always been attractive targets for cybercriminals. This year alone, out […]
Read More
Compliance standards and guidelines continue to gain traction and are being implemented in many industries, as well as across local and national government agencies. While some standards are optional, the majority are required and most levy hefty fines for non-compliance. Popular opinion is that only companies within regulated industries need to worry about cybersecurity, believing that data protection […]
Read More
Every business today stores, manages and exchanges sensitive information that must be protected from cybercriminals lurking in the digital landscape. That makes it imperative for them to implement an information assurance (IA) strategy to reduce sensitive information’s exposure to risks and the impact of a given risk in accordance with internal security policies and any […]
Read More
In 2013, President Obama issued an Executive Order (Improving Critical Infrastructure Cybersecurity) to address the growing impact of cybersecurity breaches in the United States. The order directed the National Institute of Standards and Technology (NIST) to create a “voluntary framework—based on existing standards, guidelines, and practices — for reducing cyber risks to critical infrastructure.” Government […]
Read More
The CIS v8 standard was developed in 2008 by an international, grass-roots consortium, named the Center for Internet Security, which brought together companies, government agencies, institutions, and individuals from every part of the IT ecosystem (cyber analysts, vulnerability-finders, solution providers, users, consultants, policy-makers, executives, academia, auditors, etc.) who banded together to create, adopt, and support […]
Read More
Cybercriminals are nefarious treasure hunters, and your sensitive information is the treasure they are after. The higher the sensitivity of the information they get their hands on, the greater the value. That’s why regulatory standards and security frameworks mandate or guide your business to do everything possible to ensure information security. This comprehensive blog tells […]
Read More
It takes more than the occasional effort to tackle the risks businesses face today. Businesses of all sizes are looking to adopt structured approaches to manage risks systematically and proactively to ensure information security and compliance. Governance, risk and compliance (GRC) is one such approach that ensures business activities, such as IT operations, align with […]
Read More
According to Accenture’s “State of Cybersecurity Resilience 2021” report, security attacks increased 31% from 2020 to 2021. The number of attacks per company increased from 206 to 270 year over year and there is no expectation that this will slow down in 2022. Merely implementing IT security policies and procedures isn’t sufficient to fend off […]
Read More