In January 2025, the U.S. Department of Health and Human Services (HHS) introduced proposed updates to the HIPAA Security Rule, aiming to close security gaps and strengthen protections for electronic protected health information (ePHI). These changes come in response to an alarming rise in cyberattacks in the healthcare sector, where ransomware and data breaches have affected millions of patients and cost the industry billions of dollars.
Topics: Cybersecurity, HIPAA, Data Breach, Information Security, Data Security, Data Protection, healthcare, Passwords, Risk Assessment, Ransomware, MFA, Compliance, Policies & Procedures
It’s hard to believe that we survived 2024, and with 2025 finally here, we thought we would present where ProCircular sees the world headed. The cybersecurity landscape continues to evolve at a breakneck pace, driven by AI-enabled threats and an increasingly complex world. From deepfake videos to targeted social engineering, attackers are finding new ways to exploit trust and access critical systems.
Topics: Cybersecurity, Network Security, Data Breach, Information Security, Data Security, Data Protection, Security Awareness Training, healthcare, hacking, Manufacturing, Passwords, risk, Ransomware, Banking, Financial Institutions
In today's evolving digital landscape, ensuring the security of your organization’s sensitive information is more critical than ever. Traditional security measures, including Multi-Factor Authentication (MFA), are essential but not foolproof.
Topics: Cybersecurity, Information Security, Data Security, Data Protection, cybersecurity plan, Passwords, social engineering, MFA
Recently, the American Hospital Association warned that Black Basta, a known ransomware group, would be accelerating attacks within the healthcare sector. The group gained notoriety for their sophisticated attack methods and high-profile targets and typically operates by infiltrating a network, exfiltrating sensitive data, and then encrypting the victim's files.
Healthcare organizations can stay vigilant against threat actors by adopting a comprehensive cybersecurity strategy that incorporates regular testing and 24/7 monitoring. ProCircular also recommends the following:
Topics: Cybersecurity, Network Security, Data Breach, Information Security, Data Security, Data Protection, Security Awareness Training, healthcare, hacking, Passwords, risk, Ransomware
During a penetration test, login credentials are a highly sought-after item. While it is common to harvest that information via email scams (phishing attacks), it is not always the most practical or effective tactic to gain unauthorized access. That access, however, still requires a valid set of credentials. This poses a challenge. How does an attacker find valid accounts without social engineering? There are two main options: breached credentials and password spraying.
Topics: Cybersecurity, Network Security, Data Protection, Personal Data Protection, Security Awareness Training, Passwords, Monitoring