In early 2015, Tenable shared an article on TechSource titled “Make 2015 a Breach-Free Year.” Sadly, as we all know, this did not happen. In fact, there were major breaches in both the private and public sectors that exposed millions of people to potential theft of personally identifiable information (PII). Cyber security was such a hot topic this year, TechSource featured 20 articles on the topic throughout 2015.
In this Roundup, we look at everything from the U.S. HHS crack down on HIPAA non-compliance to the Internet of Things and how it affects cyber security. We also take a look at the Cisco Annual Security Report and how agencies should know they will be breached… it is just a matter of when they will be breached.
Here’s a look at cyber security in 2015:
U.S. HHS Cracks Down on HIPAA Non-Compliance
The U.S. Department of Health and Human Services’ Office for Civil Rights (HHS-OCR) took many healthcare providers to task, and started fining and settling with them for non-compliance with the Health Insurance Portability and Accountability Act (HIPAA). In addition to an individual’s health information, organizations must protect personal information, financial, and payment data in compliance with a variety of regulations including the Payment Card Industry (PCI) Data Security Standards (DSS). Learn more about the organizations the HHS fined and why here.
Cisco Annual Security Report: Are You Protected?
In its Cisco 2015 Annual Security Report, the company presented research, insights and perspectives from its security research and security experts. The report explored the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain. The report covered four areas of discussion: Threat Intelligence, Security Capabilities Benchmark Study, Geopolitical and Industry Trends, and Changing the View toward Cyber Security—From Users to the Corporate Boardroom. Read the TechSource article here.
Federal Agencies and the Internet of Things
In response to a Federal Computer Week article, “Are agencies really ready for the Internet of Things?,” TechSource looked at the potential challenges government agencies face when implementing IoT. The biggest concern all organizations have with IoT is the massive scope it involves–there is a huge volume of data being produced and a need to store and process it all. On top of that, the number of connected devices is expected to explode in the coming years, growing from around 16 billion today to 50 billion by 2020. All this data means more chances for security breaches as well, which is especially worrying for federal agencies. Read the TechSource article here.
Government Agencies Under Fire: Prepare for Cyber Security Risks
In August, we spoke with Cris Thomas, Tenable Network Security Strategist and author of “Lesson to Learn from OPM Breach,” about the continued cyber attacks targeting federal agencies. The discussion focuses on a report presented to Congress by the Government Accountability Office (GAO), that said cyber attacks increased by over one thousand percent in the last nine years. OPM was the latest example of this. TechSource and Thomas also approached from an attitude of “Will it Happen?” Agencies need to approach cyber security from the viewpoint they will be breached, so the question should be, “When will it happen?” Read the TechSource article here.