Written by Willie Zhang and Keegan Paisley
On March 11th, medical technology manufacturer Stryker disclosed a cybersecurity incident affecting its internal IT systems. The attack caused a global disruption to the company's Microsoft environment. Stryker activated its incident response process and brought in outside cybersecurity specialists.
Topics: Cybersecurity, Information Security, Incident Response, healthcare, Compliance, GRC
The Cybersecurity Maturity Model Certification (CMMC) Program was created to ensure organizations working with or within the Defense Industrial Base (DIB) met a baseline level of protections and practices in place for CUI. After proposing the first version, there was significant feedback that caused a review period and the eventual release of CMMC 2.0.
Topics: Cybersecurity, Data Security, NIST, Compliance, CMMC, GRC
In January 2025, the U.S. Department of Health and Human Services (HHS) introduced proposed updates to the HIPAA Security Rule, aiming to close security gaps and strengthen protections for electronic protected health information (ePHI). These changes come in response to an alarming rise in cyberattacks in the healthcare sector, where ransomware and data breaches have affected millions of patients and cost the industry billions of dollars.
Topics: Cybersecurity, HIPAA, Data Breach, Information Security, Data Security, Data Protection, healthcare, Passwords, Risk Assessment, Ransomware, MFA, Compliance, Policies & Procedures
CMMC Final Rule, 32 CFR Part 170, was released with formal publishing set for October 15, 2024.
Topics: Cybersecurity, Information Security, Compliance, CMMC