In 2017, 15,038 new CVEs were published, up from 9,837 in 2016. Last year, 16,500 new CVEs were disclosed. With vulnerabilities growing year after year, patching every potential threat to your business is a futile exercise. The need to prioritize is clear, but where to start, especially when CVSS categorizes the...
A small Michigan medical practice that plans to permanently shut down in the wake of a recent ransomware attack is an example of the devastation that can result from a serious cyberattack.
Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents.
Legislation introduced last week would give the U.S. Senate's sergeant at arms responsibility to help secure the personal devices and online accounts used by senators and their staff to help ward off cyberattacks and other threats.
What are the most common causes of major health data breaches that have been added to the official federal tally so far this year? Read this analysis to find out the details.
If you run a Magento-powered e-commerce site, it's time to patch again. E-commerce sites continued to be targeted by cybercriminals seeking to steal payment card data, and experts recommend moving quickly to plug the most critical flaw, a SQL injection vulnerability.
Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University, who offer tips.
Many third-party risk programs address information technology but not operational technology, says Dawn Cappelli of Rockwell Automation, who discusses why OT security should be a priority.
The conventional approach to cybersecurity focuses on separating the good from the bad using perimeters, firewalls, containers and other methods. But Corey Williams of Idaptive says that approach is no longer sufficient.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
A proposed settlement in a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack affecting 4.5 million individuals stands apart from other settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
On the latest stop in this roundtable dinner series, ISMG and Zscaler visited Seattle to discuss security's role as a catalyst for digital transformation.
With attendees representing financial services, manufacturing, healthcare and technology, the roundtable presented new insights on the security organization's...
ISMG and Zscaler hosted a roundtable dinner in Columbus focused on security's role in digital transformation. Creating a culture which views security as central to business enablement was a core component of the discussion.
Download this exclusive eBook and learn how businesses large and small, old and young, are...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
