Our day-to-day lives have become so busy, that we often forget to maintain and update passwords unless it is forced upon us by third-party applications or corporate requirements. As our lives move into a more remote lifestyle, a lot of our work has moved into cloud-based services.
Almost one year has passed since COVID-19 changed our daily lives, from how we interact with friends and family to how we conduct our daily work efforts. Over this time, we have found that the move to a more remote workforce has also brought some undesired security consequences. Most organizations were forced to rapidly transition to a remote business model that they may not have been prepared to move into. Information Technology (IT) Departments deployed remote capabilities so their workforce could continue to operate, all while dismissing security controls that they would otherwise be sensitive to applying before these capabilities were deployed.
At Slate Enclave, our private school clients have a lot of questions when it comes to FERPA and how they can protect student education records. The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects students’ private information in schools that receive funds from the U.S. Department of Education.
HIPAA Journal published their list of the largest Healthcare Data Breaches for 2020 and it shows a troubling trend over the past 10 years. In 2010, there were 199 reported breaches. That number increased to 616 reported healthcare breaches in 2020. These numbers are on the conservative side because they only include breaches of more than 500 records. Healthcare organizations are only legally required to announce a data breach at this amount.
Cyberattacks have a tremendous impact on an organization’s reputation. According to Varonis, 80% of consumers will not use a business that was a victim to a breach. Additionally, 85% will tell others of the incident, showing that even if a person is not a victim of the breach, they will still be aware of the organizations breach and potentially not use them.
Mitigating threats of a cyber attack is done by properly educating your employees with how to identify a potential attack. Using a Phishing Attack as an example, if you have not implemented an effective training program, potential attacks will continue to exploit weaknesses and run a successful campaign against the organization. A proper awareness […]
There isn’t any single person or company knows everything…. If they claim that they do, find another firm to assist in your path to a stable and healthy security posture. Throughout the years in this field, I have seen and worked on a lot of programs within a vast array of markets. As Slate grew […]