Articles

Top 8 Security Risk Assessment Findings

Top 8 Security Risk Assessment Findings

We conduct dozens of security risk assessments for clients each year. It’s not surprising that we see a common pattern of issues among many of the organizations.  Below is a description of these issues and what you can do to manage the risk associated with them. ...

How to Build an Information Security Program

How to Build an Information Security Program

Executives and board members realize the importance of building a strong information security program.  Current efforts to protect information are now subject to more scrutiny by their customers, insurance companies and the government.  Ransomware and cyber-attacks...

Avoid a Security Audit, Conduct an Assessment in 5 steps

Avoid a Security Audit, Conduct an Assessment in 5 steps

The term “security audit” is often used synonymously with security risk assessment and risk analysis. But a security audit for HIPAA compliance is when Health and Human Services (HHS) audits a covered entity or business associate to determine their level of compliance...

The Importance of Business Impact Analysis (BIA)

The Importance of Business Impact Analysis (BIA)

As the name signifies, a BIA quantifies the impact of a cyber disruption on your business. It doesn’t matter if the disruption happens because of an internet outage or a severe breach — a BIA covers it all. A business impact analysis lays the foundation for a strong...

Protecting Personally Identifiable Information (PII)

Personally Identifiable Information (PII) refers to any information maintained by an agency that can be used to identify or trace a specific individual. In other words, it includes data points, such as social security number, date of birth, mother's maiden name,...

Ranking Information Security Risk

Ranking Information Security Risk

We have all seen the red, yellow, and green used on information security risk assessments to indicate high, medium, and low levels of risk. It is common with DIY security risk assessment tools used to satisfy HIPAA compliance. It’s time to retire this methodology....

S2Score

S2Score

S2Score is a comprehensive, risk-based measurement of information security assigned to your company based on a proven and thorough assessment process. Once completed, it will identify critical vulnerabilities, control gaps/ deficiencies, and applicable threats to the...

DueNorth Hires Brandon Haggerty, CISSP, GCWN

DueNorth Hires Brandon Haggerty, CISSP, GCWN

Brandon Haggerty, CISSP, GCWN Director of Security and Professional Services BA St John’s University MS Minnesota State University – Mankato DueNorth is pleased to announce that Brandon Haggerty, CISSP has joined NorthStar in a full-time capacity as of September 2018....

4 Types of Information Security Threats

4 Types of Information Security Threats

No matter how long you have been dealing with HIPAA there are probably some parts you just don’t get.  In the end, the HIPAA Security Rule exists to prevent bad stuff from happening.  So what is your risk of bad stuff happening?  That’s the purpose of one of the HIPAA...

Let Us Know How We Can Help 

Get More Information Today