Skip to content

Security Insights

Explore insights and recommendations by security experts from the world of cybersecurity

Home
Blogs

What is CMMC 2.0?

The Cybersecurity Maturity Model Certification (CMMC) 2.0, launched in 2024, is a streamlined cybersecurity framework designed by the U.S. Department of Defense (DoD). It aims to enhance cybersecurity practices across
Read More

What is CCPA?

The California Consumer Privacy Act (CCPA) is one of the most far-reaching privacy laws in the United States. It came into effect on January 1, 2020 and is designed to
Read More

Financial Services Modernization with GLBA

The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law also known as the Financial Services Modernization Act of 1999.  It requires financial institutions to explain how they share and protect
Read More

Complying with GDPR

The General Data Protection Regulation (GDPR) is a legal framework enacted by the European Union (EU) to regulate how the personal data of individuals in the EU is collected, processed,
Read More

Complying with HIPAA

The Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996, is a U.S. federal law designed to protect PHI and other sensitive patient health information. HIPAA establishes the standards
Read More

What is the Federal Trade Commission (FTC) Act?

The Federal Trade Commission Act (FTC Act) was established in 1914 with the goal of promoting fair competition, preventing deceptive practices, and safeguarding consumers. The FTC Act empowers the Federal
Read More

Cybersecurity Checklist for Startups

Cybersecurity is a critical concern for startups, which often handle sensitive data but may lack the robust security infrastructure of larger corporations. Even a single security breach can lead to
Read More

What is the HIPAA Security rule?

The HIPAA Security rule applies to covered entities, business associates, subcontractors – anyone or any system with access to confidential patient data. Every organization in the healthcare delivery ecosystem must
Read More

Security Certifications for Startups

Investing in security certifications such as SOC 2 and ISO 27001 can benefit startups by bolstering their market credibility and competitive stance. For new companies, establishing trust with potential clients
Read More
Load More

Can you submit a SOC 2 Report instead of a Vendor Security Questionnaire?

Over the last decade, service organizations have been asked to prove their level of cyber hygiene before they are awarded a contract. The RFQs and contracts of small-medium sized businesses, particularly SaaS providers typically include an annual Vendor Security Questionnaire,...

Read More

SOC 2 versus ISO 27001

Organizations frequently face a tough choice between SOC 2 and ISO 27001 certifications as a means to showcase their security maturity. Comparing the two security standards can be tough and the decision-making process can be complex, as each certification brings...

Read More

Cybersecurity Checklist for 2024

Cybersecurity is a critical concern for organizations in 2024 as the digital landscape continues to evolve and cyber threats become more sophisticated. Though organizations across industries have regulatory requirements related to data privacy and cyber security, attackers have found innovative...

Read More

Transition to ISO 27001:2022

The ISO 27001:2022 certification standard was released in October 2022. It has replaced the ISO 27001:2013 edition via a three-year transition period, which ends on October 31, 2025. Companies with an ISO 27001:2013 certification are required to transition to ISO...

Read More

How to Prevent the Impact of Ransomware

Verizon’s Data Breach Investigations Report found that 74% of all breaches were a result of human error due to social engineering. This statistic is based on the analysis of 16,312 security incidents and 5,199 breaches. This report puts Ransomware as...

Read More

Technologies To Detect And Prevent Ransomware Attacks

Verizon’s Data Breach Investigations Report puts the cost of 95% of security incidents at $1 million - $2.25 million dollars. The report is based on the analysis of 16,312 security incidents and 5,199 breaches. They found 74% of all breaches...

Read More

Sources of Ransomware Attacks on Healthcare Systems

A cohort study published in The Journal of the American Medical Association in December of 2022 revealed that Ransomware attacks targeting Healthcare delivery organizations more than doubled from 2016 to 2021. This exposed the Personal Health Information of nearly 42...

Read More

Can you have a Ransomware attack if you are HIPAA-compliant?

The short answer: Yes The in-depth answer: The Health Insurance Portability and Accountability Act (HIPAA) sets the minimum standards for protecting sensitive patient health information (PHI). The Department of Health and Human Services (HHS) regulates HIPAA compliance, while the Office for Civil...

Read More

Protect your DICOM from Cyber Attacks

DICOM stands for Digital Imaging and Communications in Medicine. It is a standard protocol for managing, storing, and transferring medical images and related data in a digital format. It ensures that medical images and information can be exchanged between different...

Read More

What are the new controls added to ISO 27001 in 2022?

ISO 27001 is a globally respected information security standard. It is officially referred to as ‘ISO/IEC 27001’ and is part of the ISO/IEC 27000 family of standards for information security management. It is designed, updated and regulated by the International Organization...

Read More

Top 5 CMMC Implementation Gaps

CMMC is a security framework that is mandatory for contractors who want to work with the Department of Defense (DoD). It is based on the US National Institute of Standards and Technology (NIST) family of standards, specifically on NIST SP...

Read More

Security Tech Investments for Top 10 trends in 2023

How do you prevent cyberattacks from impacting your business operations? This is the big question organizations have been asking in the wake of growing cyberattacks across industries. A growing number of data breaches have led to loss of customer data,...

Read More

SOC 2 Type 2 Audit for SaaS Companies

Getting a SOC 2 Type II Report can be a game-changer for a SaaS Company. It can transform how you respond to RFQs and how you assure potential leads that your systems are secure. Most SaaS companies view the cost...

Read More

Challenges you may face with a SOC 2 auditor

A SOC 2 certification / examination is pursued by service organizations who want to prove to potential customers that they can manage their data effectively. Typically a SaaS provider, Managed Service Provider (MSP), Network service provider and other service providers...

Read More

Anatomy of a Ransomware Attack and Lessons Learned

The average ransomware attack caused $1.85 million in losses to the company in 2021, up 41% from 2020. This estimate factors in  the amount paid, downtime, expense for IT technicians, device cost, network cost, lost opportunity, and more. Leadership turnover...

Read More

Trusted by Hundreds of Companies

ASR
BLAIR-GASTRO
AVANCE CARE
ICLINIQ
FORSYTE
datacaliper
MEDFIRST
logically
TANGIBLE-SOLUTIONS
PATAGONIA-HEALTH
worksmart
Triyam
TIMETAP

Do you want to become a databrackets Consultant?

Join Us

We Are Here to Help You