• Systemic non-compliance: the root cause of pain for healthcare organizations

    Tommy Abraham, Senior Director of Healthcare Assurance, Coalfire

    Recently, I was fortunate enough to experience the joys of becoming a father as my wife and I welcomed our first child into the world. It was one of the most beautiful experiences of my life and I’m grateful for the advances we have made in modern medicine and technology. I mention this personal anecdote to provide context for what I witnessed about the data security challenges that have existed for years in the healthcare industry and are still pervasive today.

    Read more
  • Cloud tech first floor recommendations

    Mike Weber, Vice President, Coalfire Labs

    I hate to say it, but I’m an old, curmudgeonly guy that’s been in the industry more than 20 years. And after a while, things just start to wear on you. In fact, there was a point in my career that I swore if I had to counsel just one more company on the importance of having strong passwords and password policies, I would jump out a window. And yet here I am, still dealing with these issues many, many years later. Thank goodness my recommendations were always delivered on the first floor.

    Read more
  • Coalfire and HITRUST – 9 years, 1,000 engagements and counting

    Zach Shales, Director, Healthcare Certification, Coalfire

    Since 2007, HITRUST® has offered programs that protect sensitive information and allow organizations to manage information risk globally across all industries and throughout the supply chain. In collaboration with information security, privacy, and risk management leaders from public and private sectors, they develop, maintains, and provides access to comprehensive risk and compliance management frameworks, and related assessment and assurance methodologies.

    Read more

Recent Posts

Post Topics

Archives

Tags

Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit Azure bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act careers CCPA Chertoff CISO cloud CMMC CoalfireOne Compliance Covid-19 credit cards C-Store Culture Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DevSecOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi women XSS
Top