Tag: Virtual Auditor

Business Continuity, Cyber Security, Data Breach, Disaster Recovery, HIPAA / HITECH Enforcement, Meaningful Use, Upcoming Events, Vulnerability Testing & Management

Visit with Virtual Auditor and RISC at the Texas Chapters of HIMSS in Austin, Texas

Rose

VA and RISC for Texas HIMSS Feb 18 2015

 

Come visit with Virtual Auditor and RISC at the 7th Annual Regional Conference Texas Chapters of HIMSS in Austin! There will be over 400 healthcare IT professionals and optional preconference activities such as legislative visits at the State Capitol and Networking social. The focus will be on promoting the value of investing in Health Information Technology.

Wednesday, February 18, 2015 – Friday, February 20, 2015

Renaissance Austin Hotel

9721 Arboretum Blvd.

Virtual Auditor will be demonstrating an industry-leading Information Security Continuous Monitoring Solution (ISCMS). The ISCMS was specifically developed to help organizations including healthcare, banking, finance, and other heavily regulated industries, to meet their data privacy, information security, and compliance requirements. The ISCMS provides continuous monitoring, alerting, reporting, and event correlation, providing the data your techs want, your security folks wish they had, and your executives need! Visit www.VirtualAuditor.com for more information if you can’t see this amazing technology first hand.

Contact Sales@virtualauditor.com or 888-312-5151

For more information please visit: http://www.cvent.com/events/2015-texas-regional-himss-conference/event-summary-25f61ec35a2f482d99a39eb8605be861.aspx#

Cyber Security, Data Breach, Education, Tip of the Week, Vulnerability Testing & Management

“Band-Aids Before Blood”

Rose

“Band-Aids Before Blood”

 John T. Schelewitz- Director of Sales, Virtual Auditor, LLC

As a salesperson accountable for the positioning of compliance and security solutions to the Healthcare and Financial verticals, I often find myself in a unique position.  This position being, how to digest the following; “We have quite a few other projects on the table”, “We have not budgeted for that”, “We performed an audit/assessment a few years ago”, “We are content with our current status” and related.

VA appliance

Before I get ahead of myself, there is success had in simply gaining a response.  Well, that may solely be of value to me and not those interested in my quota attainment so, I digress….  My concern is this, if there is not a plan to have band-aids on hand, how do you plan to address the inevitable blood?  According to a recent analysis by a leading IT security firm, of the small portions of IT budgeting set aside for security, corporations often spend as little as 10 percent on incident response, 30 percent on detection and the rest on prevention.  That is, if there is any spending.  And all of that only if there is concern that results in the establishment of defined needs, requirements and initiatives.

More often than not, action, or should I say reaction, is brought about by the sight of blood.

“Instead of merely blocking threats at the perimeter of a network, a multilayer cyber response that protects every critical component inside the network as well as external connection points is a more effective, proactive approach” (CardVault, 2014, para. 3).  This statement reflects the sentiment of a leading cyber security attorney. With external and internal threats both on the rise and inevitable, can your organization afford to be in a reactive position?  The thought of “This won’t happen to my network” is about as realistic as a unicorn monitoring USB usage.

My advice is this; Put a fluid security plan in place to address devices, systems, applications, and users.  This plan must address the enterprise from the firewall to the desktop.  Processes, controls and accountability are critical in this planning.  This plan will include human and appliance elements.  Ultimately, you must understand that your network is exposed 24x7x365.  At any point during this time, there may be blood.  Do you have band-aids?  VA logo

References

CardVault. (2014). Expect a cyber-breach: It will happen. Are you Ready? Retrieved from http://cardvault.com/expect-a-cyber-breach-it-will-happen-are-you-ready/

Tips from the RISC and VA team

Don’t let the fear of a data breach keep you awake at night: Schedule a vulnerability assessment and learn ways you can protect your systems.

  • Run a data breach response drill to practice on a scenario so there is less panic when responding to the real thing.
  • Spend a few minutes learning how to improve privacy protections and security safeguards.
  • Visit  VirtualAuditor.com and www.RISCsecurity.com to learn a great deal more about the various tools we offer to enable healthcare organizations, financial institutions, universities, and business of any size, to effectively monitor, enforce, and audit your confidential information.