Compliance

NIST Cybersecurity Framework: Fourth, Adopt a Bias to Action
Josh Mayfield

In my previous posts, we explored how to identify, protect and implement detection measures established in the NIST Cybersecurity Framework (CSF). Throughout this series, we’ve been noting how any IT and IT security team can implement the NIST CSF with deliberate and tangible steps that improve their security posture. The framework consists of what I call ‘pillars’ and this installment is about the fourth pillar: Respond. Once the first three...

How Emergency Communications of Southern Oregon Improved Security and Achieved Compliance
Kim Ellery

According to a recent survey, most people (71 percent) want their state and local governments to spend more money on preventative cybersecurity measures and even more people (74 percent) think officials should take steps to better secure constituents’ personal data. Constituent demand isn’t the only driver, however. Compliance demands also illustrate that state and local governments have their work cut out for them when it comes to bolstering security....

NIST Cybersecurity Framework: Third, Go Looking for Trouble
Josh Mayfield

Throughout this series, we’ve been exploring how a standard-issue IT team can implement the NIST Cybersecurity Framework (CSF). Within the framework, there are five principal areas, what I call ‘pillars’, where IT and IT security teams can focus their attention to improve their cyber resilience. We looked at the first two pillars, identify and protect, in previous posts. Here, we can zero in on the next step to NIST CSF success:...

How Greenville Health Systems Improved Endpoint Security and Achieved HIPAA Compliance
Kim Ellery

On average, data breaches cost healthcare organizations $408 per record, according to the 2018 Cost of a Data Breach Report by the Ponemon Institute and commissioned by IBM. Across all industries, healthcare has seen the priciest of data breaches for the last 8 years running. To boost security, Greenville Health System, a not-for-profit, patient-centered healthcare network that serves upstate South Carolina and the surrounding area, knew they...

NIST Cybersecurity Framework: Second, Build a Moat – Part 2
Josh Mayfield

The NIST Cybersecurity Framework is a repeatable framework organizations may follow to bolster their security posture. Within it, there are 5 foundational actions that may be flexibly deployed, regardless of industry or setting. In this, the second of a two-part post, we focus on the second action, Protect, whereby NIST outlines 4 practical steps to protect data. My previous post explained access control and user awareness. This post takes...
