Procurement experts testified to the House subcommittee on cybersecurity, information technology and government innovation Wednesday that government requirements leave too many unanswered questions and ambiguities for federal agencies when it comes to implementing SBOMs.
As Congress weighs potential legislative and regulatory guardrails for the use of AI in healthcare, issues such as human oversight, privacy and security risk need close attention, said healthcare industry experts who testified during a House Energy and Commerce subcommittee hearing on Wednesday.
A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. Defense and National Security space.
General Electric says it is aware of claims made by "a bad actor" about gaining unauthorized access to its sensitive data and taking "appropriate measures to help protect the integrity of our systems" after a hacker known as IntelBroker advertised access to its networks and data.
Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.
Tennessee-based Ardent Health Services, which operates dozens of hospitals and other healthcare facilities in several states, said on Monday that it is dealing with a ransomware attack that has forced the entity to divert some patients and cancel or reschedule certain procedures.
The tally of individuals whose health data was compromised in a hack on MOVEit file transfer software used by Welltok, a provider of online wellness resources to dozens of health plans, has soared to nearly 8.5 million. The hack is among the biggest health data breaches reported so far this year.
Generative AI can improve operational efficiencies, enhance risk and compliance and elevate the client experience for financial services firms, said Wipro's Suzanne Dann. Wipro embraced generative AI to reduce fraud by spotting anomalous behavior and used synthetic data to test deep learning models.
President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.
In the latest weekly update, the former federal CISO, Grant Schneider, joins three editors at ISMG to discuss important cybersecurity issues, including advice for the next White House cyber director and liability concerns facing CISOs following SolarWinds and its CISO being accused of fraud.
Despite the high frequency of major health data breaches involving vendors, many healthcare sector entities remain lax in their approach to manage and reduce third-party security risk, said Glen Braden, CIO and principal of compliance auditing firm Attest Health Care Advisors.
North Korean state-affiliated hackers are continuing to exploit zero-days in popular software applications as part of global supply chain attack campaigns for espionage and financial theft purposes, British and South Korean cybersecurity and intelligence officials said.
AI is being used "by everyone" these days, including by malicious nation-state actors, and that is raising the level of threats and risks facing hospitals and other healthcare entities, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
The Australian government says it will mandate ransomware reporting by businesses, boost law enforcement capacity and fund startups with innovative cybersecurity solutions under a strategy unveiled Monday. "We cannot continue as we have," said Cyber Security and Home Affairs Minister Clare O'Neil.
European electoral and cybersecurity authorities on Tuesday held a joint exercise assessing plans to hold an incident-free election, weeks after trading bloc cybersecurity agency ENISA said the election is at risk from deepfake images and videos.