The traditional IAM strategy has been to tie individual users with a unique device. But that doesn't work in healthcare settings, where doctors and nurses often share multiple devices. Jigar Kadakia of Partners HealthCare talks about how he approaches this critical challenge.
Encouraged by the moves of medical device manufacturers, Jennings Aske, CISO of NY Presbyterian Hospital, says the "state of the union" of medical device security has improved dramatically. But what more is needed to mitigate risks?
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.
Findings from researchers who hacked Croatia-based vendor Zipato's smart hub controllers, which can manage networked locks, lights and security cameras, underscore the risks that can accompany home automation devices. "Smart home" vendor Zipato says it's fixed the flaws.
A recent $3 million bank heist in Bangladesh is likely the handiwork of "Silence," a Russian-speaking gang known for its slow and methodical attacks against banks and ATMs, according to an analysis by security firm Group-IB.
Semiconductor manufacturing giant Broadcom is looking to purchase endpoint security firm Symantec, Bloomberg reports, noting that while discussions are at an advanced stage, no terms have been disclosed and no deal is guaranteed.
D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.
In many ways compliance creates bureaucracy, but it doesn't need to be difficult. It is possible to maintain continual GDPR compliance without many of the headaches if done in the right ways.
Ongoing GDPR compliance oversight requires the ability to solidify and secure the processes associated with people changing...
Download this report to discover the uncomfortable truths of endpoint security. Based on an independent survey of 3,100 IT managers across 12 countries, the report reveals, among other things:
Why IT teams can't plug their security gaps
How much time is lost investigating non-issues
Where most cyberattacks are...
This guide is essential reading for anyone thinking about endpoint detection and response (EDR).
Get the top five reasons you need EDR.
Discover how Sophos Intercept X Advanced can help at every step.
Learn what to consider when evaluating EDR solutions.
Sophos is the latest security firm to create a proof-of-concept exploit for the BlueKeep vulnerability in older versions of Windows. The company echoed several government agencies that have urged businesses to patch their devices.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
The firmware of more than 500 Huawei networking products is riddled with security weaknesses that make the vendor risky to use for 5G networks, a new report contends. The study analyzed more than 9,000 firmware images in 558 enterprise products from the Chinese company.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.