Last week a Remote Code Execution vulnerability was disclosed in Spring. Spring is an open-source application framework that provides infrastructure support for creating Java applications that can be deployed on

Authentication bypass due to weak verification of SAML Token What is authentication bypass in web applications? The web application vulnerability – authentication bypass occurs when there is improper validation of

If there is a central key aspect of healthcare security, it is HIPAA. The Health Insurance Portability and Accountability Act of 1996 changed the way healthcare providers increased the security

Accorian at UPES, Dehradun Despite industry-wide hiring freezes as a result of COVID, Accorian has established its first university recruitment channel with UPES Dehradun for their security graduates; having hired

The last 2-3 years have seen a spike in the adoption of cloud especially among organizations who had possibly never thought about moving to a shared environment due to security

Telehealth is the distribution of health-related services and information via electronic channels allowing long-distance patient and clinician contact, care, advice, reminders, education, intervention, monitoring, and remote admissions. There has been

In today’s complex technological world, there is always the danger of a hostile threat environment lurking around the corner, waiting to manipulate the potholes in the processes and technology. People

Today’s world is an ever-changing scenario with changes to the technology sector happening more frequently than ever due to emerging technologies. The case is quite similar in the field of

E-mails are the most used productivity tool by employees. They are also a treasure trove of information and are a lucrative target for hackers as all your data – company,

A risk management program allows you to manage overall information security risk.  It is an approach to identify, quantify, mitigate, and monitor risks.  The reason to look at risk in

In the digital age data privacy & protection is a huge concern for company of all sizes. In part, because data breaches are happening daily, exposing personal data of millions

APIs & Web Services are essential supporting building blocks for today’s applications. They’re not only the connective tissue between applications, systems, and data, but also the mechanisms that allow developers

At the start of the year, HITRUST released an updated methodology for scoring requirements. This will ensure that organizations focus on maintaining a robust program with implemented controls for enhancing

How the times have changed. 15 years ago, cyber-security consisted of making sure you had an anti-virus program running on your machines. It didn’t matter if it was effective, but

A penetration test (Pen Test) is one of the best ways a company can test their IT assets for vulnerabilities that a hacker could exploit to access sensitive data (customer,

We often learn about the latest security issues, threats, vulnerabilities, attacks, and ransoms every day. While much of the advertised information we read is about external vulnerabilities, there is another,

On October 28, 2019, HITRUST announced the release of version 9.3 of the HITRUST CSF information risk and compliance management framework. The HITRUST CSF is an important step in the

October is National Cybersecurity Awareness Month​ and it’s a reminder that we need to be vigilant about protecting our privacy and our business from possible cyber attacks.  This initiative is a joint

Remember the phrase “Seeing is believing?” Deepfake videos have people second guessing what they are watching. Deepfakes are videos manufactured by AI technology that can superimpose someone’s face on another

Any for-profit company that does business or has customers in California should prepare for the California Consumer Privacy Act (CCPA). Here’s why they should. The CCPA applies to businesses that

On August 27, 2019, Accorian, facilitated a successful HITRUST Community Extension Program in New York city. Security and Technology professionals from organizations in healthcare, finance and technology attended the town

Like my high school coach always said, “Stick to your basics”. The Equifax and CapitalOne breaches reminds us that cyber-attacks don’t always come from sophisticated hacking groups. I’m sure these companies

FaceApp, the AI-powered picture-editing program, is trending in social media. We’ve all seen the pictures of celebrities using FaceApp to make themselves look older or younger. However, security experts are

Companies of all sizes are doing a good job beefing up their cybersecurity and that’s great. But… many are forgetting an often overlooked target – their third party service providers.

Small and Medium Businesses (SMBs) are often unsure of where they stand when it comes to cybersecurity. While larger companies treat cybersecurity with white gloves SMBs often think that they

In 2018, 15 million patient records were breached during 503 healthcare cyber-attacks. That’s three times the amount of reported incidents in 2017*. As breaches continue to escalate, healthcare records are

With the number of security breaches occurring right now there is a tremendous focus on cybersecurity in companies of all sizes. In many cases, the board wants to know that

Risk assessments are the backbone to any good security and risk plan. Risk assessments test your current information system and reveal any areas where data is at risk of theft