As of March 1, 2019, covered entities will be required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements? Attorney Ted Augustinos, a partner at Locke Lord LLP, outlines the new...
Find out all the benefits of using one security solution across your on-premises data center and AWS cloud workloads. Get expert insight on use cases, plus informative real-world examples plus more about how the cloud services hub/Transit VPC Solution leverages the cloud's scalable network to provide security services...
As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports. A hospital owned by Cancer Treatment Centers of America is among the latest phishing victims.
Thousands of emails from four senior aides within the National Republican Congressional Committee were exposed after their accounts were compromised for several months earlier this year, Politico reports. Few details have been released about the incident, which was investigated by Crowdstrike.
The healthcare sector is making progress in moving from a reactive to a proactive approach to cybersecurity as it learns lessons from other sectors, including financial services, says Greg Garcia, executive director for cybersecurity at the Healthcare and Public Health Sector Coordinating Council.
To combat cyberattacks, more nations must not only hold nation-state attackers accountable, but also better cooperate by backing each other's attribution, said Estonian politician Marina Kaljurand, who chairs the Global Commission on the Stability of Cyberspace, in her opening keynote speech at Black Hat Europe 2018.
Financial institutions of all sizes can use a new Cybersecurity Profile tool to help them comply with a variety of regulations and implement the NIST Cybersecurity Framework, says Denyette DePierro of the American Bankers Association.
Common data security mistakes made by many organizations including having a static security plan that doesn't evolve, focusing solely on compliance and not testing incident response plans, says Monique Kunkel of NTT Data Services.
A severe vulnerability in Kubernetes, the popular open-source software for managing Linux applications deployed within containers, could allow an attacker to remotely steal data or crash production applications. Microsoft and Red Hat have issued guidance and patches; they recommend immediate updating.