Vendor Management Lessons from Aetna’s $20 Million Lawsuit

You likely use third-party vendors to outsource your payroll, HR or IT infrastructure — all essential business functions. Unfortunately, in doing so, you’re giving multiple companies access to sensitive data, including private patient or customer information. In the event of a breach or leak of said sensitive information, it’s important to know where the chips […]

Healthcare Breaches: The Newest Round of HIPAA Fines

A new HIPAA fine has been released, and it’s significant. Federal regulators have issued one of the largest HIPAA settlements ever in favor of 521 impacted individuals over Massachusetts-based healthcare organization Fresenius Medical Care (FMCNA). Cited specifically for a lack of risk analysis, FMNCA now ranks among one of the costliest HIPAA penalties issued, paying […]

BAI Security at HIMSS18

Healthcare providers face a unique challenge when it comes to data protection. Cybercriminals take one look at their assets  — valuable personally identifiable information (PII) like social security numbers and medical information — and throw all they’ve got at their IT security systems. If you’re not doing everything you can to maintain and strengthen your IT security, […]

The Hidden Flaws

Cyber attackers are known for their persistence. If they hit a pothole trying to break into your IT network, they won’t just give up and move on to their next target. Instead, they’ll redouble their efforts and probe your infrastructure, looking for new ways to grab your valuable data. Unfortunately, sometimes these vulnerabilities can be […]

The Proactive Way to Manage Customer Data

With 2017 behind us and the new year beginning, there’s no time like now to reevaluate how your organization handles sensitive customer information. With data breaches increasing year after year, everyone should turn their gaze inward to ensure they are taking a proactive cybersecurity stance. Why is this so important? Here’s an example of everything […]

Mobile Devices and Healthcare: How to Protect Your Organization

In today’s world, almost every piece of technology comes equipped with the ability to access the internet. Phones, watches — even refrigerators — are built to connect. While the intent here is to make life a little easier, an unfortunate side effect is that these connections open up new pathways for cyber criminals. For organizations that acquire […]

The Ever-Expanding Threat of Cyber Criminals

The Dark Overlord, a dangerous group of cyber criminals, have made a name for themselves over the past several years. We’ve covered some of their illegal activities in the past targeting healthcare and financial institutions, and unfortunately, they’ve continued to make news. Their latest attacks open a new front into cybersecurity, signaling a shift all […]

2017 in Breaches: Equifax and More

This question was recently answered, as Equifax announced, “We know that criminals exploited a U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638.” What’s so bad about this disclosure? Well, as it turns out, the patch for this vulnerability had already been made available — months before the breach occurred. This brings with it […]

Spear Phishing: How to Avoid the Newest Tax-Based Scam

In a past blog post, we discussed how cyber criminals will often use tax season as a cover to attack unsuspecting organizations. Usually this is done via a phishing method where the attacker poses as a member of a particular organization’s C-Suite and requests sensitive information be sent their way – like W2 forms, for […]

Zero-Day Vulnerabilities: Rooting Out Hidden Threats

In 2015, ransomware and malware related attacks cost businesses around the world $325 million. This was considered to be a relatively acceptable figure. Rumors spread throughout the cybersecurity industry that a future dominated by cybercrimes was something we might be able to dodge. While a high amount, the $325 million value just didn’t meet the […]