Red Tape

Tue
09
Aug

Risk Management for Healthcare Systems

Contributed by Lamaris Davis

The responsibility of risk management in healthcare systems falls on multiple individuals within any given organization. It’s well known that most hospitals and healthcare systems do not have a completely practicable risk management system that spans across an entire organization and operational structure for the delivery of key services. Ensuring the security of protected health information (PHI) in your health IT system requires that you institute measures to guard against unauthorized use or disclosure of PHI. A risk management plan should have five key parts which are administrative safeguards, technical safeguards, physical safeguards, organizational standards, and policies and procedures. For any single risk, a combination of safeguards may be necessary because there are multiple potential vulnerabilities that exist that could negatively affect healthcare systems, according to the American Society for Healthcare Risk Management.

Mon
08
Aug

Incident Response Planning In Industrial Control Systems

Contributed by Bill Clark

This paper discusses what Incident Response (IR) Planning is, what Industrial Control Systems (ICS) are, and how IR Planning pertains to ICS security. IR Planning is the process of preparing for any type of adverse event, also known as an incident, which can cause a process degradation or failure in a system. A system can be hardware, software, or a combination of both. An event can be man-made or natural in origin. An ICS is a combination of hardware and software processes that use extreme precision to automate or control most of today’s manufacturing product lines, water and power utility production plants, and transportation systems for people and products. For ICS applications and data, availability is the first priority.  

This document is in PDF format. To view it click here.

Thu
21
Jul

Better Passwords and Policies

Contributed by David Patten

Everyday press releases cover information security breaches from many top companies. Often these breaches include releasing the passwords that were stolen. Sadly, these passwords are usually trivial to crack which leads to further exploitation. Simple passwords are a problem that is created by both human nature and by poor password policies and training. This paper will look at the tools used to crack passwords, the passwords users create, password policies, and look at some creative and innovate solutions to the password problem.

This document is in PDF format. To view it click here.

Wed
20
Jul

Privacy and Government Surveillance

Contributed by David W. Mitchell

Federal government’s broad powers to act for public safety and national security are limited by the First Amendment and Fourth Amendment. The 9/11 attack have open the doors on warrantless surveillance programs. The mass collection of sensitive information has been challenged by many as an invasion of privacy. Snowden’s release of sensitive information has brought to light the true challenges between government surveillance and privacy. There is a true need to balance government surveillance and privacy in order to protect America. Lawmakers are starting to recognize this with the introduction of new laws to tackle and balance privacy with government surveillance. These improved laws must be introduced on a national level.

This document is in PDF format. To view it click here.

Wed
01
Jun

Legal Issues of Data Held Hostage

Contributed by Robert Underwood

Data held hostage has become a recent technology trend with computers and with these types of attacks in which crooks take a victim’s data and hold it for ransom demanding money to release our data back to us, which seems to be clearly a violation in law but how do we prosecute these criminals and what can we do to prevent these types of attack. A similar attack vector used like ransomware restricts a victim’s access to their computer functionality by popups and annoying spawning programs in which money is leveraged from the victim to stop the attack.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Red Tape