GDPR – the “Undo” Button for Personal Data?

The European Union’s General Data Protection Regulation (GDPR) goes into effect May 25th, about two weeks from now.  In the news it is often being called "overreaching" and "impractical," but its objective is to place control of personal data back in the hands of the EU citizens.  Maybe I’m “old school” (aka dinosaur), but I believe in privacy and the ability to protect my data.  Why? Look at these recent events. Let’s start with the Facebook breach of 85 million users.  Most people joine ...

Key Themes at Texas Health Care Security & Technology Conference

Last month Robert Felps and I were fortunate to attend THA’s inaugural Texas Health Care Security & Technology Conference. Great speakers, wonderful host and facility, collegial atmosphere – a great learning experience overall. Hats off to Fernando Martinez, THA's Chief Digital Officer, and his team for a great couple of days. Here's a brief recap of the key takeaways. REALITY Cyber threats are dynamic. Bill Virtue reminded us that there have been more than 4000 ransomware attacks per da ...

National Nurses Week 2018 – Nurses: Inspire. Innovate. Influence

Third Rock would like to take this chance to salute the nation's Nurses for their role in patient safety - clinical safety, physical safety, and cyber safety. It's nurses of all types who are on the front lines of protecting patients from cyber threats - such as identity theft, ransomware, and device hacking - by practicing good "cyber hygiene."  Good job, nurses - THANKS for all you do to keep all of us cyber safe! ...

NIST Makes Passwords a Little Bit Easier

After much research, the National Institute of Standards and Technology (NIST) has determined that we have been doing passwords all wrong! Traditionally, best practice for password use has been a minimum of 6 characters composed of a combination of letters, numbers and symbols, which had to be rotated periodically. To make things more complex, companies typically added rules about how frequently a password could be reused - or prohibited reuse completely. What NIST's research showed is that all th ...

The Right Cyber-Talk

I recently taught a cyber security class to a large medical practice.  The goals were to better protect the organization from cyber-attacks and to improve their HIPAA compliance.  This medical practice is a well-run and well-managed business that invests in its employees and is clearly one of the most security conscious practices I have worked with.  The hour-long course covered the cyber security basics including password management, safe Internet practices, phishing, malvertising, and incident resp ...

HIMSS 2018 – Take Aways

I attended the national HIMSS 2018 conference in Las Vegas a few weeks ago.  43,000+ roaming loose in Vegas, primarily in a few hotels and the Sands Expo Center.  It was mayhem.  I attended the Cyber Security Symposium all day Monday.  Six sessions focused on cyber security and best practices.  I then attended the keynote speech by Eric Schmidt, the CEO of Alphabet, the parent company of Google. Tuesday was primarily more sessions and a few minutes out in the expo "acres" wandering around trying to ...

Third Rock Enhances SECURETexas Capabilities

Customized to over 20 types of healthcare specialties for better protection of patient information against cyber threats. Austin, TX – March 21, 2018 – Third Rock, a preferred vendor for Texas Health Services Authority (THSA), has further simplified the SECURETexas certification process by offering a unique customized security risk assessment approach based on an organization’s practice area. Third Rock has customized its web-based security ris ...

Third Rock Team Presenting at ISSA Austin

Boost your Cyber Confidence! Get some tips and inspiration when Third Rock’s Julie Rennecker, Robert Felps, and Mike Moran present Healthcare: Transforming an Industry from Cyber Victim to Cyber Confident at the ISSA Austin Chapter meeting tomorrow, March 20. For more information and to register go to: https://www.eventbrite.com/e/austin-issa-march-2018-chapter-meeting-registration-43524591224   ...

An alternative approach to the cyber security talent shortage

Our CEO would contend there is an alternative approach to the cyber security talent shortage.  Most breaches occur because computer systems are easy to breach and people make mistakes.  Compare the number of breaches based on operating systems.  Linux and UNIX variants are more difficult to breach than Windows, especially if you keep them patched.  Which means we need to focus some time and effort on Windows, shoring up its weak defenses.  The good news is, Windows and Linux can be hardened far m ...

How to Grow Cyber Security Awareness Heroes

The top threat facing any organization today is the staff member working from a computer!  Not because this person intends to do malicious harm to the organization, but because of lack of cyber security awareness and training.  Confirmation of this is MediaPro’s 2017 State of Privacy and Security Awareness Report in which they surveyed over 1,000 people and rated their responses to real-world cyber security questions. Respondents were grouped into 3 “risk profiles” based on their correct answers; ...
