Your cloud service provider is HIPAA compliant. But that doesn’t mean you are too! As a Covered Entity or a Business Associate who uses a HIPAA-compliant cloud to create, receive, maintain, and send protected health information (PHI), your compliance efforts don’t and mustn’t end there. While using a compliant cloud service provider is a must,…
The ISO 27001 certification can help your organization add to its security posture and make it formidable and armed to fend off security breaches, security incidents and cyber-attacks. Having a ISO 27001 certification demonstrates your compliance with global best practices regarding information security and evinces trust in your customers’ ecosystem regarding your data security practices. …
Audits and the months leading up to them are among the most stressful periods for infosec teams. A typical SOC 2 audit can take up to 9 months to prepare and a further 3 months to complete, with infosec teams bearing the burden of conducting control testing and collecting evidence. Audits hinge on the evidence…
Businesses that process customer data are liable to various privacy protection laws depending on the location where they operate. In Europe, data privacy regulations are pretty rigorous. Non-European businesses trying to expand into this continent often find themselves drowning in a sea of GDPR regulations. To make things easier, let us start with the basics…
In response to growing security concerns and breaches, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) published ISO 27001 in 2005. It was revised in 2013 to keep the document to sync with global changes in technology and processes, and most recently in 2022. The 2013 version is not significantly different…
In an incident, an Amazon S3 bucket containing 1.5 million files was leaked due to a misconfiguration. It comprised sensitive data such as national ID numbers, employee PII, etc. Data breaches due to misconfigurations are common, and 80% of ransomware attacks are also attributed to misconfigurations. Misconfigurations are unintentional and common but have a devastating…
End of content
End of content