NetWorks Group Blog

Effective Daily Log Monitoring for PCI

Posted by NetWorks Group on Feb 1, 2018 10:55:04 AM

Security technologies such as firewalls are meant, at best, to prevent data security breaches, or at worst, detect them before they get out of hand; but in some cases, organizations have been complacent. In the infamous Target data breach of 2013, hackers were roaming their system and stealing data for two weeks before the breach was even detected. In the equally egregious breach of Heartland Payment Systems five years earlier, hackers were stealing data for several weeks before the invasion was discovered. Ironically, both Heartland and Target were PCI-compliant, but the time lag between system compromise and detection was unnecessarily long. And, they’re not alone in this regard. 

Read More

Topics: PCI, Compliance, Security Monitoring, Managed Detection & Response

HIPAA vs Security: Building security into medical purchasing decisions

Posted by Amanda Berlin on Jan 23, 2018 10:37:00 AM

What the security community says about a specific industry vertical usually holds true for a good percentage of what is seen in the wild. You can ask any hacker, defender, CISO, etc what industries struggle the most and there are common themes in their answers. Top of the list includes healthcare, manufacturing, government, and financial. Some of the most heavily compliance controlled and regulated are also some of the least secure. Why is this? Is it due to administrators and senior management taking compliance standards as gospel? Maybe it’s a lack of knowledgeable staff like the blind leading the blind.

Read More

Topics: HIPAA, Healthcare, Information Security, Compliance

Why You Should Be Concerned About HIPAA Security Rules Enforcement

Posted by David Howard on Dec 6, 2017 10:18:17 AM

With data breaches in the healthcare industry increasing exponentially, it's critical for those in leadership positions to get serious about HIPAA security and enforcement. You need to understand not only why HIPAA is important but how the rule enforcement process works and the penalties that can be implemented.

Read More

Topics: Healthcare, HIPAA, Compliance, Information Security

Why your next PCI Assessment can be smoother than you think

Posted by Mike Stailey on Nov 15, 2017 9:34:57 AM

PCI Compliance is here to stay:

Typically, IT managers dread the annual PCI assessment. With publicized credit card breaches on the rise, meeting PCI compliancy will be even more so of a requirement with potential increases in punitive actions for companies not meeting that compliancy. To add to the existing complexity of PCI DSS, with emerging threats of capabilities to breach corporate networks on a consistent basis, PCI requirements will remain in a perpetual state of change. 

Read More

Topics: Compliance, Ethical Hacking, Penetration Testing, Vulnerability Management, Threat Management

The Importance of Cybersecurity in Healthcare

Posted by David Howard on Sep 5, 2017 10:19:00 AM
Healthcare data theft totaled more than 112 million records in 2015, according to the Office of Civil Rights. Moreover, 42.5 percent of all data breaches have occurred in the healthcare industry in the last three years, and 91 percent of healthcare organizations have reported at least one breach in the last two years. Hackers, unauthorized access from staff, improper disposal, data loss — all of these factors contributed to large-scale data breaches in hospitals and medical facilities across the United States. Now, more IT managers and administrators are investing in cybersecurity to safeguard patient data.
Read More

Topics: Managed Detection & Response, Vulnerability Management, Compliance, Information Security, Healthcare

5 Reasons Why Security Log Monitoring Is an Effective Part of Any Cybersecurity Framework

Posted by Jyothish Varma on Aug 9, 2017 9:53:54 AM

A comprehensive cyber security framework consists of several components, and one of the most important among them is security log monitoring. Without an effective security log monitoring and management policy in place, a company runs the risk of non-compliance, and perhaps fines, if there is ever a data breach. In order to maintain compliance with guidelines laid out by laws like HIPAA, and frameworks such as PCI, companies need to have an effective security monitoring solution in place that can help them collect and analyze log information so they can detect and respond to cyber attacks.

Read More

Topics: Security Monitoring, Managed Detection & Response, Information Security, Compliance

Why IT Managers do not like PCI Assessments

Posted by Mike Stailey on Jun 28, 2017 2:14:00 PM

What is PCI Compliance?

Read More

Topics: Compliance, Information Security, Vulnerability Management, Managed Detection & Response

PCI's Bold Move to Define Penetration Testing

Posted by Mike Stailey on Apr 7, 2015 11:14:00 AM

In March 2015, the PCI Council released their Information Supplement for Penetration Testing Guidance.  This is a fantastic move as previous guidelines were centered on the completion of penetration tests and left the methodology for completing those up to the auditor.  With this guidance in place, we now have a clear definition to what qualifies as a penetration test in the eyes of the Council.  There isn’t a need to rehash the document for you here, and I encourage everyone to read it.  I would like to focus on a few key highlights that I’m happy to see added.

Read More

Topics: Compliance, Ethical Hacking, Penetration Testing

NetWorks Group is Hiring: Come Join Our Team!

Posted by NetWorks Group on May 6, 2013 9:17:00 AM

If you're a fan of delicious restaurants, awesome concert venues, Big 10 sports, or just a bike-friendly city, then you should probably be working with us in beautiful downtown Ann Arbor, Michigan. The team at NetWorks Group works at the corner of Main and Huron, a central-point to blocks of great places to shop, eat, and relax at. Located a short distance from the University of Michigan, NetWorks Group benefits from the feeling of both a college-town and an active business hub for southeastern Michigan. For a vibrant mixture of cultures, architecture, and activities, Ann Arbor is hard to beat!

Read More

Topics: Ethical Hacking, Information Security, Managed Detection & Response, Penetration Testing, Security Monitoring, Threat Management, Threat Hunting, Device Management, Compliance, Security Architecture Review, Incident Response, Vulnerability Management

Come Chat with NetWorks Group at an Upcoming Event

Posted by NetWorks Group on Apr 17, 2013 3:10:00 PM

At NetWorks Group, we put a lot of value in interacting in person with the various technology communities important to our team. More than that, we love to be able to meet with customers and people looking to find out more about what we do and how our team could help yours achieve tough goals.

Read More

Topics: Ethical Hacking, Managed Detection & Response, Information Security, Security Monitoring, Penetration Testing, Vulnerability Management, Threat Management, Compliance

Subscribe to our blog!