Insight
Building Operational Agility in Healthcare: Focus on your Non-Employees
If the past few months have taught us anything, it’s that healthcare organizations need to be able to scale – quickly, securely, and with patient care at the forefront.
The key is operational agility.
Operational agility is the ability to respond quickly to changing external conditions, without compromising long-term objectives. In a healthcare context, this means being able to respond to rapid swings in public health conditions, new regulatory guidance, or emerging security threats without compromising on patient care, data protection, or research goals.
Fundamentally, developing operational agility is about building a core set of processes and capabilities and enabling your people to operate dynamically within that environment.
Insight
The Name of Your SOC Matters: Tips for Picking a Name that Fits
Focal Point has worked with a number of security operations teams, helping them advance their capabilities, execute on their strategies, and strengthen their skills. More often than not, we’re brought in because stakeholders don’t feel like their security operations are meeting the needs of the organization. When we dive into it, we often find that this “failure” is driven by a misalignment between what security operations does and the expectations of the leadership team. Left to fester, many security operations teams find them on the short end of the long-term leadership support they need.
There are a few ways that this breakdown occurs, but one of the simplest to fix and most commonly overlooked is the name.
Insight
The Countdown to CCPA Enforcement
The Covid-19 pandemic brought much of the world to a standstill, but one thing it has not impacted is the enforcement date for the California Consumer Privacy Act (CCPA). The CCPA, which went into effect on January 1 of this year, grants California residents new privacy rights for their personal information and is considered the most robust state privacy law in the U.S. Enforcement of this landmark privacy law begins on July 1, 2020, but Covid-19 has increased concerns over whether companies have the time and resources necessary to be ready by then.
Despite dozens of requests for a delay due to Covid-19 pandemic, the California Attorney General Xavier Becerra declined to extend the July 1 deadline, stating that privacy concerns have increased during this time. In this post, we’ll take a closer look at these extension requests, recent CCPA lawsuits, and steps your business can take to prepare for life after July 1.
Insight
A Free Covid-19 Cyber Awareness Email Template
Since the end of February, phishing emails have spiked by over 600% as cyber attackers look to capitalize on the stress and uncertainty generated by the Covid-19 pandemic.
The attackers behind these malicious emails typically pose as a trusted organization or a legitimate source (i.e., World Health Organization (WHO), the Centers for Disease Controls (CDC), government agencies, banks, coworkers, etc.) who claim to have information regarding Covid-19 such as the latest statistics, advice for staying healthy, refunds for event cancellations, and information regarding government support packages and stimulus checks. If successful, these types of attacks can compromise credentials, personal and corporate data, and critical systems and open the door to a wide array of corporate fraud.
Covid-19 has already forced many organizations to quickly transition to a fully remote workforce, which has created new security and privacy risks. Since anyone can be a target for a Covid-19-tailored attack, it is important to ensure your employees are prepared to recognize these phishing schemes.