Breach Report 2019 – October

by Sarah Harvey / December 15, 2022

Every month there is headline after headline reporting about new data breaches. Whether it’s a ransomware attack, a negligent employee opening a phishing email, or a state-sponsored attack, millions of individuals are impacted by data breaches and security incidents on a regular basis. Let’s take a look at some of the top data breaches that occurred during October and the lessons we can learn from them. Krystal Fast Food Chain…

Sigstr’s Commitment to Security: The SOC 2 Journey

by Sarah Harvey / June 13, 2023

Sigstr helps the world’s best marketers do amazing things with their employees’ emails. The average person spends 6.3 hours in their inbox every day. Sigstr gives marketers the ability to serve targeted ads to their audience where they're spending the majority of their time: the inbox. This connectivity between Sigstr and email clients presents information security risks that Sigstr must address. We sat down with Brent Mackay, Director of Product…

CCPA Update: 4 Things to Know About the AG’s Proposed Regulations

by Sarah Harvey / December 15, 2022

On October 10, 2019, the California Attorney General released the much-anticipated California Consumer Privacy Act (CCPA) proposed regulations – providing some clarity to the strict data privacy law. The proposed regulations were divided into four key areas: notices to consumers, consumer requests, verification requirements, and special considerations for minors. What do you need to know about these regulations? How will they impact your organization’s CCPA compliance efforts? Let’s discuss. CCPA…

Dangers of XSS Attacks at Healthcare Organizations

by Sarah Harvey / June 14, 2023

In October 2019, Citizen Times reported that Mission Health, North Carolina’s sixth-largest health system and HCA Healthcare’s North Carolina Division, had disclosed a data breach caused by a cross-site scripting (XSS) attack. Cross-site scripting (XSS) vulnerabilities rank among OWASP’s top 10 web application security risks. XXS occurs when a web application doesn’t properly sanitize user input and their input (such as malicious code) is either reflected or stored on the…

HITRUST Update: HITRUST CSF® v9.3 Release

by Sarah Harvey / December 15, 2022

HITRUST®, a the leader in information security and privacy risk management and compliance programs, has announced a much-anticipated update to the HITRUST CSF in an effort to remain one of the leading data protection standards. HITRUST CSF v9.3 adds new privacy and security standards and updates six others existing within the certifiable framework. These changes were made in response to the ever-shifting information security landscape that is consistently updated with…