Knowledge is the best attack deterrent, so check out our cyber security updates
24By7Security, Inc.

Biweekly Cybersecurity Newsletter - Mar 15th, 2017

Businesses Suffer Serious, Measurable Damage From Data Breaches

People who own, run, or work for businesses should take note of several findings of a recent Cisco study of the impact of data breaches. Discussing the report, Cisco's Senior Vice President, noted that "In 2017, cyber is business, and business is cyber - that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk. Report highlights the continually evolving techniques used by criminals to exfiltrate sensitive corporate data, and the resulting impact on business performance. 


Sanjay Deo of 24By7Security quoted on Security and Privacy

Sanjay Deo quoted in this supplement on Security & Privacy: Protecting data in the information sharing era, of the Health Data Management magazine.   Sanjay talks about how security controls have often been overlooked in healthcare technology applications. During the past 5 years, primarily because the government has mandated and prompted it, hospitals and physician practices have adopted electronic medical records.  While these organizations have acquired the technologies to collect and distribute patient data, the focus on security has not been there.  


Insider sabotage – still an issue for CISOs

Companies and organizations tend to focus on the exterior threat to their network infrastructure. A rising threat is that of the disgruntled insider. Companies and organizations need to focus equally on physical security technologies and information security practices. Although insider sabotage is among the top three security threats companies face, 35% of chief information security officers in the US still lack the best practices to handle it properly, as quoted in Dark Reading. 


Payments Giant Verifone Investigating Breach

San Jose, Calif.-based Verifone is the largest maker of credit card terminals used in the United States. It sells point-of-sale terminals and services to support the swiping and processing of credit and debit card payments at a variety of businesses, including retailers, taxis, and fuel stations. On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors, warning they had 24 hours to change all company passwords and is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions, according to sources. 


Small Healthcare Data Breach Notification Deadline: March 1, 2017

The HIPAA's Breach Notification Rule requires all covered entities to report breaches of unsecured ePHI to the Department of Health and Human Services’ Office for Civil Rights. While large data breaches – those impacting 500 or more individuals – must be reported to OCR within 60 days of the discovery of the breach, covered entities can delay the reporting of smaller data breaches. While patients must be notified of any breach of their ePHI within 60 days – regardless of the number of individuals affected by the breach – notifications of security incidents are not required by OCR until 60 days after the end of the calendar year in which the data breaches were discovered.

The deadline for reporting 2016 healthcare data breaches impacting fewer than 500 individuals is March 1, 2017.


Effective Incident Response To Mitigate Cyber Threats

The modern healthcare industry has been on the radar of cybercriminals as numerous incidents of data breaches continue to plague the healthcare domain. The rising frequency of data breaches has made it imperative for helathcare organizations to have a data breach response/incident response plan in place that complies with HIPAA. According to the HIPAA Breach Notification Rule, the affected healthcare establishment should notify the federal government and the public, post a data breach. In the aftermath of a data/systems breach, it is crucial that healthcare organizations secure their digital parameters to prevent future attacks. What can they do?


Upcoming Events!

HFMA IT Forum Webinar - Mar 22, 2017

Sanjay Deo, Founder and President of 24By7Security, Inc. Speaking on Latest Cybersecurity Threats: Understanding and Mitigitating Risks from 12:00 pm - 1:00pm.


SF HIMSS Annual Scholarship Golf Event - April 3rd, 2017

24By7Security, Inc. Sponsoring 5th Annual Scholarship Golf event, at Signature Grand, Florida.

More Information....

BSides Orlando Security Conference - Apr 8th, 2017

24By7Security, Inc. Sponsoring BSides Orlando Security Conference, at UCF, Orlando, Florida.

More Information....

HackMiamiCon5 Security Conference - May 19 - May 21, 2017

Michael Brown of 24By7Security, Inc. Speaking at HackMiami Security Conference, at Deauville Miami Beach Resort, Miami Beach, Florida.

More Information....

Facebook Twitter Linkedin Youtube Google Instagram

About us

24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm.  We provide Cybersecurity and compliance related services across all functions of the enterprise. Our services include CFPB/DFA, FIPA, FERPA, GLBA, HIPAA, PCI, SOX, and others.

Visit Our Website

24By7Security, Inc.

4613, N. University Drive, Suite #267

Coral Springs, Fl - 33067

(844) 55-CYBER