Articles

Top 8 Security Risk Assessment Findings

We conduct dozens of security risk assessments for clients each year. It’s not surprising that we see a common pattern of issues across many of these organizations. Below is a description of these issues and what you can do to manage the risk associated with them. ...

How to Build an Information Security Program

Executives and board members realize the importance of building a strong information security program.  Current efforts to protect information are now subject to more scrutiny by their customers, insurance companies and the government.  Ransomware and cyber-attacks...

Avoid a Security Audit, Conduct an Assessment in 5 steps

The term “security audit” is often used synonymously with security risk assessment and risk analysis. But a security audit for HIPAA compliance is when Health and Human Services (HHS) audits a covered entity or business associate to determine their level of compliance...

What is the FTC Safeguards Rule

The FTC Safeguards Rule mandates that non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, insurance providers, payday lenders and other businesses, develop, implement, and maintain comprehensive information security programs. These...

NIST Cybersecurity Framework Risk Assessment Process

Cybersecurity for your business can be confusing. You want to protect your business from breaches, data theft, and ransomware.  You also have a myriad of information security compliance requirements.  Where should you put your time and money to try to be both secure...

The Importance of Business Impact Analysis

As the name signifies, a BIA quantifies the impact of a cyber disruption on your business. It doesn’t matter if the disruption happens because of an internet outage or a severe breach — a BIA covers it all. A business impact analysis lays the foundation for a strong...

Protecting Personally Identifiable Information (PII)

Personally Identifiable Information (PII) refers to any information maintained by an agency that can be used to identify or trace a specific individual. In other words, it includes data points, such as social security number, date of birth, mother's maiden name,...

Ranking Information Security Risk

We have all seen the red, yellow, and green used on information security risk assessments to indicate high, medium, and low levels of risk. It is common with DIY security risk assessment tools used to satisfy HIPAA compliance. It’s time to retire this methodology....

S2Score

S2Score is a comprehensive, risk-based measurement of information security assigned to your company based on a proven and thorough assessment process. Once completed, it will identify critical vulnerabilities, control gaps/deficiencies, and applicable threats to the...

DueNorth Hires Brandon Haggerty, CISSP, GCWN

Brandon Haggerty, CISSP, GCWN, Director of Security and Professional Services. BA, St John’s University; MS, Minnesota State University – Mankato. DueNorth is pleased to announce that Brandon Haggerty, CISSP has joined NorthStar in a full-time capacity as of September 2018....

4 Types of Information Security Threats

No matter how long you have been dealing with HIPAA there are probably some parts you just don’t get.  In the end, the HIPAA Security Rule exists to prevent bad stuff from happening.  So what is your risk of bad stuff happening?  That’s the purpose of one of the HIPAA...
