When we think about criminal justice and cybersecurity, the imagination isn’t immediately drawn to compliance. Meeting policy requirements isn’t as flashy or exciting as a hooded hacker using a laptop to defeat their foes. The realm of cybercrime is known... Read More
Compliance
Categories
CJIS compliance: How to meet password and MFA requirements
If you’re responsible for password security at a law enforcement agency or organization that handles criminal justice data, CJIS compliance isn’t optional. It’s the baseline for protecting some of the most sensitive information in the country. The FBI’s Criminal... Read More
NYDFS Cybersecurity Regulation: Up-to-date compliance guidance
The stakes are high when it comes to cybersecurity in the financial sector. Financial organizations house a lot of sensitive customer data, including login credentials, personally identifiable information (PII), and banking details. The New York State Department of Financial... Read More
HIPAA password requirements: Best practices for compliance
The digital transformation of healthcare has brought plenty of benefits, but it’s also introduced new challenges in protecting patient information. The Health Insurance Portability and Accountability Act (HIPAA) plays a critical role in ensuring that medical data remains secure.... Read More
Navigating HIPAA cybersecurity requirements: A guide for healthcare providers
Healthcare data is a prime target for hackers. It often includes personal identifying information (PII), medical records, insurance details, and financial information, which can be used for identity theft, insurance fraud, and other malicious activities. The high value of... Read More
How to build a PCI-compliant password policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant... Read More
NIS2, passwords, and MFA: Everything you need to know
MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the... Read More
Update to GLBA safeguards rule: What you need to know
Financial institutions are at the forefront of cybersecurity challenges due to the sensitive nature of the data they handle. As the frequency and sophistication of cyberattacks increase, so does the need for robust regulatory safeguards, requiring organizations to bolster... Read More
Securing authentication tokens by preventing delegation of admin accounts
The underlying capabilities provided by Kerberos authentication in Active Directory means that access tokens can be delegated to users and computers for various purposes. Attackers can capitalize on the built-in capabilities of Active Directory with impersonation and delegation to... Read More
[New Data] Attackers Are Using These Passwords to Attack the RDP Port Right Now
The Specops Breached Password Protection List Tops 3 Billion Unique Compromised Passwords from Live Attack Data and Leaked Lists Today, the Specops Software research team is sharing the results of our analysis on what passwords are being used to... Read More