Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
This episode of the ISMG Security Report is devoted to producer/host Eric Chabrow's recollection of the evolution of cybersecurity news and analysis during his nine years at Information Security Media Group. Chabrow is retiring after 45 years in journalism.
From worsening ransomware attacks to deepened concerns about external digital risk, former AT&T CISO Ed Amoroso says 2018 will be a challenging year, and security teams need to be building out their resiliency plans to prepare for what's ahead.
Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
The U.S. Securities and Exchange Commission is planning to update its 6-year-old cybersecurity guidance for how publicly traded firms report data breaches to investors. Experts expect the refined guidance to cover insider trading program rules, breach notifications and business models.
Internet of things security alert: An attacker has been attempting to infect hundreds of thousands of Huawei home routers with a variant of the notorious Mirai malware called Satori, security researchers warn. Huawei has confirmed the flaw and issued patches and workarounds for affected users.
Nissan Canada Finance, which provides financing for Nissan and Infiniti vehicle buyers and leasers, is warning 1.13 million current and former customers that their personal information may have been stolen.
New York-Presbyterian has more than 72,000 medical devices from over 1,400 manufacturers, says CISO Jennings Aske. Given that scale, how can a security leader help ensure device cybersecurity? Aske shares his view of what's needed from manufacturers and the government.
Following the success of Russian offensive cyber operations, other countries will likely be testing their capabilities, says FireEye's Bryce Boland, who predicts nation-state attacks will become more common in 2018.
The U.S. Food and Drug Administration issued cybersecurity expectations for manufacturers of medical devices. But ow are those expectations being met, and what is the FDA's ongoing role in improving device security? The FDA's Suzanne Schwartz offers an update.
Since the massive data breach of credit bureau Equifax, the U.S. Congress has become more interested in the causes of data breaches. Australian security expert Troy Hunt, who recently traveled to Washington to share his insights with a House committee, discusses what he told lawmakers in this in-depth interview.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
It's been seven years since Dale Nordenberg, a pediatrician, became involved in the drive to improve medical device security. What progress does he see among manufacturers, government agencies and healthcare providers?
The international payments system is largely based on the three-decades old SWIFT messaging system. But cyberattackers have exploited weak controls employed by banks to make fraudulent transfers. Nick Armstrong of Identitii discusses a path forward for securing payments made with legacy systems.