A watchdog security audit of a south Texas VA center identified a variety of deficiencies related to legacy systems still in use years after no longer being supported with vendor updates. The findings represent the state of security at many organizations across the healthcare sector, experts say.
The FBI is the latest federal agency warning healthcare sector entities of cyberattack threats to medical devices, especially unpatched and outdated products, recommending that organizations take steps to identify vulnerabilities and "actively secure" the gear.
In this episode of "Cybersecurity Unplugged," U.S. Air Force Chief Software Officer Nicolas M. Chaillan, a former DHS and DOD adviser, shares his opinions about the government's handling of DevSecOps and cybersecurity, where progress is being made and where more work needs to be done.
A top-notch security stack encompasses many different components – it’s part of the defense strategy against the ever-evolving threat landscape. But using legacy systems could be costing you extra, during a time when many budgets are being tightened more than ever.
We put together a few of the most important...
Data doesn't move itself. People—whether they are negligent, compromised or malicious—move data in secure and risky ways. Legacy approaches to data-loss prevention (DLP), building walls around your critical data, fails in today’s always-connected world. This e-book explores the growing challenges of today’s...
Cybersecurity and IT leaders globally are fretting about data protection. But investments in data loss protection (DLP) are inconsistent and, even with a legacy DLP solution, respondents still worry about being vulnerable to data loss. And the shift to remote and hybrid work has complicated the picture by widening the...
Changing your data loss prevention (DLP) solution is a major transition that can feel overwhelming. But relying on DLP built for an earlier era of business can be just as costly and expose your organization to needless risk. Download this e-book for three compelling reasons to modernize your approach to DLP. It...
When security practitioners lose their initial enthusiam for hunting cyberthreats, their companies begin to fail at cybersecurity, says CISO Marco Túlio Moraes. He discusses how collaborating with the business lines and moving from awareness to education all around can help fix this problem.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
Threats facing industrial control systems are well-documented, and as the Russia-Ukraine war continues, concerns are rising about reprisals aimed at poorly protected Western critical infrastructure, says Lionel Jacobs Jr., security architect for ICS and SCADA systems at Palo Alto Networks.
Critical infrastructure providers face a unique set of challenges when it comes to securing their environment from the cruciality of uptime to complying with new federal directives, according to Mark Cristiano, commercial director for Rockwell Automation's global services business.
As information technology - aka IT - and operational technology - aka OT - continue to converge, organizations must stay ahead of new security challenges and threats, says Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
Former Rockwell Automation CISO Dawn Cappelli discusses the mission of the new Dragos OT-CERT - a cybersecurity resource designed to help industrial asset owners and operators build their OT cybersecurity programs, improve their security postures and reduce OT risk - and her role as its director.
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges.
U.S. government agencies, including the Department of Energy, CISA, the NSA and the FBI issued a joint cybersecurity advisory about advanced persistent threat actors using new tools and malwares to target industrial control systems and supervisory control and data acquisition devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
