With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
The latest ISMG Security Report leads with a report on a malware attack on an industrial safety system that experts contend could threaten public safety. Also, legislation giving DHS's cybersecurity unit a meaningful name progresses through Congress.
Crowdsourced cybersecurity, specifically bounty-based collaboration between organizations and white-hat hackers, is a burgeoning method of security reinforcement utilized by tech giants such as Google, Apple, and Microsoft, as well as other major companies in recent years.
Instead of awaiting a malicious breach,...
The New York state Department of Financial Services' cybersecurity regulation - 23 NYCRR Part 500 - has been in effect for nearly a year now, and covered entities face some significant compliance milestones in 2018. This regulation puts new demands on financial institutions for security leadership, breach...
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Denial of Service, web application layer attacks, credential abuse and IoT - these are the attack trends and vectors that will make headlines in 2018.
Download this whitepaper and learn:
Top attack types and vectors seen in 2017;
Volume and types of attacks to expect in 2018;
The role IoT will play in attacks to...
Medical records are worth up to 10 times more than credit card numbers in resale value on the black market. This has led to an explosion in medical identity fraud.
Download this guide and learn:
How DLP can help you meet stringent HIPAA enforcement;
How to make the case for DLP to a hospital board;
Hospitals and healthcare organizations must ensure that both their mundane and highly-sensitive information is protected and compliant, which is where content aware data loss prevention comes in.
To ensure your data is not breached, download this whitepaper and learn:
How to identify project priorities and...
When a healthcare system wanted to ensure HIPAA/EDI compliance, they undertook a risk assessment to better understand their security posture. They uncovered sensitive data being sent out over the internet instead of through a secure channel which had been set up.
Download this case study and learn how SCHS was able...
With the rise in ransomware attacks targeting healthcare organizations, the U.S. Department of Health and Human Services (HHS) has issued a guidance document that explains the basics of ransomware, what organizations should do in the event of data breach, and how to contain the attack from stealing sensitive patient...
Healthcare is the only industry where employees are the primary reason for a data breach. A variety of motives including monetary gain, negligence or the need to access patient data quickly lead to Patient Health Information (PHI) loss.
Download this whitepaper and learn:
Real world scenarios that put PHI data at...
Complicating healthcare compliance efforts is the growing trend of migrating patient data to cloud storage and hosted applications such as Health Information Exchange systems. The cloud lowers costs and improves efficiency, but widens the attack surface for data breaches.
To counter this challenge, download this...
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
Ethiopian dissidents living overseas had their devices infected with spyware made by an Israeli defense company, Canadian researchers allege. Their findings have revived longstanding concerns over some governments' potential abuse of powerful surveillance tools.
The hacker to whom Uber paid $100,000 to destroy data and keep quiet about its big, bad breach is a 20-year-old man living in Florida, Reuters reports. But numerous questions remain about the 2016 breach, including whether the payment was a bug bounty, extortion payoff or hush money.