There is no doubt that digital transformation is changing the way people coordinate and work. While it is a blessing in many ways, as it keeps businesses and people connected by creating opportunities and easy exchange of information, it has also paved way for cybersecurity risks. Ransomware, Phishing, data breaches, denial-of-service attacks have become increasingly common and threaten businesses of all sizes.

HIPAA compliance requires covered entities and business associates to secure protected health information. Social Security numbers, medical record numbers, health plan beneficiary numbers, account numbers, and names of patients, relatives, or employers all must be secured from unauthorized access. The penalties and fines for HIPAA violations can be steep — in some instances reaching millions of dollars. And, HIPAA isn’t prescriptive about what it takes to be in compliance.

Those who work in the healthcare industry know: HIPAA compliance is often fiercely enforced by the Department of Health and Human Services, and penalties can be steep. “Each covered entity is required to implement safeguards to prevent the unauthorized disclosure of PHI. These safeguards will vary depending on the size of the covered entity and the nature of healthcare it provides, but the penalties for failing to safeguard the integrity of PHI can be extremely high.

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

In honor of International Women’s Day we once again asked the amazingly talented women of archTIS to share their insights as women in tech. This year our Finance and HR leads share their important roles in the company, experiences, and offer advice to young women considering a career in cybersecurity.

A dynamic, data-centric approach is key to securing sensitive information and achieving compliance in our modern world of hybrid IT solutions, but what are the differences between RBAC vs ABAC the two common access controls approaches? Over the last two years, companies have seen an expedited shift away from using traditional methods to access their data. With more employees working remotely, we find the security controls we have spent years refining are no longer adequate.

Sensitive data often makes its way into logs. Though most of the time unintentional, these incidents have the potential to do a lot of damage, as they usually involve exposure of API keys, passwords, and customer data that can give attackers access to critical business data or put companies at compliance risk. This is why it’s important for organizations to be proactive about securing their logs.

We’re pleased to announce that Nightfall is partnering with Hanzo, a best-in-class enterprise e-discovery and investigations platform. Hanzo’s offerings, now powered by Nightfall DLP, include Nightfall’s machine learning detectors as part of Hanzo’s core functionality.

The current wave of digital transformation that has brought more and more businesses online has also introduced an unwelcome side effect: the surface area for attacks has ballooned. As individuals and businesses migrated their sensitive transactions into cloud applications, cloud service providers became responsible for providing high-fidelity data security.

The Data Security and Protection Toolkit (DSP Toolkit) is an NHS operated online tool that enables organisations in benchmarking their security against the National Data Guardian’s 10 Data Security Standards (NDG Standards).