The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
This episode of the ISMG Security Report is devoted to producer/host Eric Chabrow's recollection of the evolution of cybersecurity news and analysis during his nine years at Information Security Media Group. Chabrow is retiring after 45 years in journalism.
Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
An assessment on whether North Korea is behind the WannaCry ransomware attacks leads the latest edition of the ISMG Security Report. Also, the co-author of NIST's revised Trustworthy Email special publication discusses changes in the guidance.
In an information technology environment where personnel are taking on increasingly complex responsibilities, the key to ensuring security is still awareness training, says former U.S. CISO Gregory Touhill, who says he'd put his last dollar on it.
What does the title National Protection and Programs Directorate mean to you? It's not so clear, unless you are familiar with the Department of Homeland Security's organizational chart. To clarify its mission, the House has voted to rename - and revamp - the DHS agency.
The HITRUST Cyber Threat Xchange played a role in making U.S. healthcare organizations aware of the worldwide WannaCry ransomware campaign early enough to help them thwart the threat, says HITRUST's Elie Nasrallah.
The Department of Health and Human Services has taken important steps to fight Medicare and Medicaid fraud, but can further strengthen its efforts in several ways, according to a new GAO report. GAO estimates that in fiscal 2016, improper Medicare and Medicaid payments totaled about $95 billion.
Christiana Care Health System, which operates a network of hospitals, is working on several risk management priorities for 2018, including adopting the HITRUST framework, implementing appropriate controls for protecting against emerging threats and phasing in new security technologies, says Anahi Santiago, CISO.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.