What is an example of a GDPR Violation Case? The General Data Protection Regulation (GDPR) is a privacy and security law from the European Union (EU) that imposes obligations anywhere in the world where data from EU citizens is targeted and/or collected. The GDPR will levy harsh fines against those who violate their privacy and […]
Category: Government
What are SEC Cybersecurity Regulations for Public Companies? Cyber-resilience is defined as the ability of an organization to continue to function, even in a degraded manner, after components of the organization have been disrupted due to information system failures that randomly occur or are consequences of a cyberattack [1]. The ultimate goal of a cyber-resilient organization […]
NICE Framework
What is the NICE Framework? With the large talent gap in the cybersecurity workforce, it is increasingly important that employers and employees are able to clearly express their needs and expectations regarding cybersecurity jobs. The National Initiative for Cybersecurity Education (NICE) is led by the National Institute of Standards and Technology (NIST) and is a […]
Health Data Breach
What is a Health Data Breach? A data breach is an incident that results in the exposure of confidential, private, protected, or sensitive information to a person or entity that was not authorized to access it. A data breach can be caused by actions that were either accidental or intentional. Some examples of data breach […]
What is the Health Sector Cybersecurity Coordination Center? Cybersecurity threats in the health sector include vulnerabilities due to legacy systems, privacy protection, IT interoperability issues, and security breaches, to name a few. A source of cybersecurity guidance and information is the U.S. Department of Health and Human Services Health Sector Cybersecurity Coordination Center (HC3). HC3 […]
What are HIPAA Physical Safeguards? The Health Insurance Portability and Accountability Act of 1996 (HIPAA, PL104-191) was enacted to protect the privacy and availability of health insurance coverage and medical information. The law’s primary goals include protecting health insurance coverage for workers and their families in the event that the insured employee changes or loses […]
What is National Risk Management? The National Risk Management Center (NRMC) is the planning, analysis, and collaboration center within the Cybersecurity and Infrastructure Security Agency (CISA), leading strategic risk reduction efforts for the nation [1]. Sources of strategic risk are widespread and include cyber and physical attacks, supply chain vulnerabilities, malicious exploits of emerging technology, nation-state […]
What are IT Security Risks for National Critical Functions? Whether your organization is public or private, it exists within a complex system where it might have a greater role and responsibility in national security than you may have realized. The Cybersecurity & Infrastructure Security Agency (CISA) defines National Critical Functions (NCFs) as, “…functions of the government […]
Metadata Management
What is Metadata? Metadata describes other data; it provides structured reference data that identifies attributes of the information that it describes so that the data can be identified and sorted. Metadata is created anytime a document or file is modified, including when it is deleted. Some examples of basic document file metadata include the author, […]
Public Sector IT Modernization The public sector has long been feeling the dragging weight of outdated processes and technologies, but experiences during the pandemic have allowed these issues to finally receive the overdue attention that they require. The survey underpinning Deloitte’s “Seven pivots for government’s digital transformation” revealed that three quarters of respondents asserted that the pandemic accelerated their governments’ […]