Developing Information Security Policy
Information security policy plays a vital role in protecting data confidentiality, integrity, and availability. Learn how to develop your policy.
Read more
GLBA Updates Reminder
The GLBA updates become effective in December. Make sure you’ve revised your policies and procedures to comply with new requirements.
Read more
CCPA Showed its Teeth. $1.2 Million Fine for Selling Callifornians’ Data
A beauty retailer pays $1.2 million fine for CCPA violation. It’s all about using third-party analytics on its website. Learn more with us.
Read more
CISA and FBI Warn on Zeppelin Ransomware
Federal agencies warn on tactics, techniques, and procedures used by Zeppelin ransomware actors
Read more
Congress Released ADPPA – Draft Federal Privacy Law
ADPPA would enact a unified federal privacy law governing the use of citizens’ personal information. Learn what it means for your business
Read more
CIRCIA: Critical Infrastructure Now to Report Cyber Incidents and Ransom Payments
CIRCIA requires critical infrastructure organizations to report substantial cyber incidents and ransom payments. Read more about the new law
Read more
DoD Memorandum Reminds Contractors to Protect CUI
Significant material and reputational risks threaten contractors that have not implemented NIST SP 800-171, as the DoD memorandum states.
Read more
Supply Chain Attacks in Healthcare. The Case of Shields, Eye Care Leaders, and MCG Health
Data breach reports prove the evolving trend of supply chain attacks in healthcare. Determine who is more responsible for third-party data incidents
Read more
HIPAA Compliance for Start-Ups: Debunked Misconceptions
Small businesses are often led by misconceptions when it comes to HIPAA. Our free e-book can help with proper HIPAA compliance for start-ups.
Read more
2022 RSAС: Key Takeaways
Every year the RSAC keynote speakers bring their unique insights on the future of cybersecurity. Learn what’s new in 2022 RSAC
Read more
Reinforcing the Weakest Security Link with Access Controls
Weak human firewalls force businesses to adopt advanced access controls. Read our blog to get familiar with access controls that mitigate some of the risks associated with human factors.
Read more
Building a Successful Zero Trust Strategy
The complexity of the modern cybersecurity landscape is calling for new defense approaches. Learn about zero trust, its main principles, and its mechanisms
Read more
Recent Healthcare Data Breaches. The Importance of Sharing Experience
Healthcare data breaches may give valuable lessons on how to address cyberthreats, yet their details are rarely made public. Learn why sharing the incident experience is crucial for healthcare
Read more
UCPA: the Most Business-Friendly Privacy Law
The Utah Consumer Privacy Act (UCPA) is considered the most business-friendly state privacy law yet. Learn about the main facets of the law to be ready to comply in the future
Read more
Exploring New Attack Approaches. The Case of Microsoft and Okta
Microsoft and Okta suffered data breaches after a cybercrime group declared them as targets. Learn how the unique attack approach contributed to compromising the tech giants.
Read more
The State of Ransomware in 2022
Ransomware shows no signs of slowing down while its business model has changed. Read more about the state of ransomware in 2022.
Read more
Security Awareness Training. Important Things to Know
Digital dependency prompts businesses to strengthen their technological defenses. Learn how security awareness training helps reduce cybersecurity risks.
Read more
Cyberthreats and National Security
Practically all businesses are vulnerable to cyberthreats, and national security is not an exclusion. Learn how this tendency affects the decision-making process in national and business environments.
Read more
Mobile Device Security
Learn about best practices that will enhance mobile device security and enable businesses to provide their employees with secure access to corporate resources
Read more
You’ve Been Breached. What to Do?
A data breach may be detrimental for businesses but much depends on their response. Learn how to react quickly and decisively if you’ve been breached.
Read more
All You Need to Know About GLBA Compliance in Higher Education
Cyberattacks plague colleges and universities. Learn why GLBA compliance in higher education institutions is important.
Read more
Supply Chain Attacks and Cybersecurity
Supply chain attacks are on the rise. Learn how to align security efforts within your supply chain to reach a more desirable level of cyber protection.
Read more
Reviewing the 2021 Healthcare Data Breaches
The year 2021 appeared challenging, given the number and severity of healthcare data breaches. Review some of the most severe incidents and get key takeaways of the past year.
Read more
2022 Cybersecurity Trends
Cybercriminals are getting more motivated, organized, and sophisticated in executing attacks. Read our blog to learn about 2022 cybersecurity trends.
Read more
SOC 2 + HIPAA: Combining Two Audits
HIPAA is one of the most frequently demanded subject matters for SOC 2 audits. Learn more about the main peculiarities of the SOC 2 + HIPAA.
Read more
SOC 2: Specific Criteria for Controls Evaluation
The Security category is imperative for all SOC 2 engagements; but what if your commitments to customers and services demand including other criteria?
Read more
SOC 2: Common Criteria for Controls Evaluation
Every SOC 2 audit encompasses from one to five categories while Security is a must-have. Learn more about how the Security-related controls are evaluated.
Read more
Fall 2021: Summary of Healthcare Data Breaches
Fall 2021 showed a slight increase in reported healthcare data breaches. Acquire the main tendencies, channels, and locations of cyberthreats.
Read more
PIA vs. DPIA: the Purpose and Requirements
Organizations that fall under the EU’s GDPR may be required to perform DPIA. Learn more about the requirement and how it differs from the PIA.
Read more
vCISO: a Solution for Small Businesses
Small organizations often lack a dedicated leader to manage their security and compliance needs. Learn how vCISO can help.
Read more
FedRAMP: Core Things to Know About the Program
FedRAMP Authorization is the main prerequisite to offering cloud services to the U.S. government. Learn more about the authorization requirements.
Read more
Cyber Incident Reporting on Critical Infrastructure
Following SolarWinds & Colonial Hacks, security officials Introduced draft legislation on cyber incident reporting. Learn how it may affect your organization
Read more
#BeCyberSmart: Common Tips to Fight Against Phishing
One of the primary 2021 Cybersecurity Awareness Month’s focuses is resisting the phishing threat. Read how to fight against phishing and #BeCyberSmart!
Read more
Getting Ready for SOC 2 Audit: Where to Start?
SOC 2 is becoming a synonym for a reliable service provider. Learn how to prepare your organization for the SOC 2 audit and get a favorable audit opinion.
Read more
CCPA vs. CPRA: Upcoming Changes to the Law
Discover what updates CPRA will bring to CCPA’s data privacy requirements and realize their implications for your organization.
Read more
Ensuring Business Continuity at the Time of Disasters
Disasters may be detrimental to organizations that don’t have an emergency plan. Planet 9 advises on how to ensure business continuity during a disaster.
Read more
Data Security in Context of CCPA Compliance
CCPA grants Californian consumers privacy rights while imposing obligations on businesses. Learn how to meet these obligations and achieve CCPA compliance.
Read more
Core Aspects of California Consumer Privacy Act (CCPA)
A detailed overview of the California Consumer Privacy Act (CCPA) and its requirements for data privacy. Learn how to work with consumers’ data in California.
Read more
Unscrambling Confusion Around CUI Protection Requirements
Protection of CUI requires a stable and complicated regulatory environment. Get a sense of the set of standards, requirements, and regulations around it.
Read more
Digitalization in Healthcare: Opportunities and Challenges
Digitalization has breathed new life into qualitative healthcare service delivery, yet the reverse side exists. Explore both the opportunities and challenges with Planet 9.
Read more
Roadmap for Ransomware Protection
General guidelines that would help your organization to prepare, prevent, and protect from potential ransomware incidents.
Read more
A Guide to Conducting NIST SP 800-171 Self-Assessments
All DoD contractors that work with CUI must perform a self-assessment for compliance with NIST SP 800-171. Learn what the assessment process entails.
Read more
NIST SP 800-171: Key Reasons for Maintaining the Standard
Non-federal contractors that handle CUI are bound to comply with NIST SP 800-171, as the Interim Rule requires. Learn more about why compliance matters.
Read more
Ransomware Hits Critical Infrastructure: a Case of Colonial
A simple explanation of why the ransomware attack on the Colonial Pipeline Company is such a big deal for the U.S. critical infrastructure
Read more
CMMC Compliance: a Guide for DoD Contractors
The Cybersecurity Maturity Model Certification (CMMC) for DoD Contractors is on the rise. Learn more about the CMMC framework and its compliance requirements.
Read more
HIPAA Compliance Evaluation for Responding to Security-Related Changes
HIPAA compliance requires a continuous and thorough evaluation of organizations’ capability to comply with the requirements and address changes. Learn how HIPAA Vitals may help.
Read more
Risk Assessment Under HIPAA Security Rule
A step-by-step risk assessment process for HIPAA Security Rule Compliance. Stay protected against risks and hazards to ePHI security.
Read more
HIPAA Security Rule: Implementing Safeguards to Protect ePHI
The HIPAA Security Rule requires administrative, physical, and technical safeguards for ePHI protection. Inquire about their implementation specifications.
Read more
Best Practices for Maintaining Data Security in Cloud
Maintaining data security in clouds is becoming more challenging. Discover how organizations’ best practices and security tools may help.
Read more