Leading the latest edition of the ISMG Security Report: Inside the darknet marketplaces that serve cybercrime-as-a-service buyers and sellers. Also, why the healthcare sector remains so bad at detecting data breaches and blocking ransomware.
In one of the largest HIPAA settlements ever, federal regulators have signed a $3.5 million settlement with a Massachusetts-based healthcare organization that reported five small health data breaches in 2012 involving lost or stolen unencrypted computing devices.
The number of data breaches reported by U.S. organizations reached an all-time high last year. In 2017, organizations that described how bad their breach was - and one-third did not - collectively lost 14 million payment cards and 158 million Social Security numbers, according to the Identity Theft Resource Center.
On cybercrime forums and darknet marketplaces, there's an abundant supply of cybercrime products and services and lots of demand, plus prices remain low, says Flashpoint's Liv Rowley. All that's needed to leverage the products and services to make a profit, she says, is a bit of knowledge.
Federal regulators are warning healthcare entities and business associates to take action to prevent becoming the next victim of cyber extortion, such as a ransomware attack. What are the recommended steps? And what other insights do experts offer?
Fitness app and website developer Strava has landed in hot water after publishing a global heat map that shows users' workout routes in aggregate. By doing so, the firm has inadvertently revealed military installation layouts and other sensitive information.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
The U.S. government's idea to take the reins of the development of 5G mobile networks has been met with cynicism and criticism. But there are goods reasons the government is worried: Standards haven't been set in stone yet, and 5G will present a bevy of new security challenges. Here are some of them.
As big-data analytics matures, it will play a bigger role, but security information and event management software, or SIEMs, will also remain essential, contends Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham.
After two years on the sidelines, watching what he calls the expansion of "cyber insurgency," Tom Kellermann declares himself "back on the field" as chief cybersecurity officer at Carbon Black. How have threats evolved, and what is his hands-on mission?
How effective are nation-backed trolls at influencing individuals via social media? An analysis of Russian trolls' accounts suggests they're designed for "causing havoc by pushing ideas, engaging other users or even taking both sides of controversial online discussions."
With the explosive growth of the internet of things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks, who offers a strategy.
A class action lawsuit filed against Allscripts in the wake of a ransomware attack that recently disrupted patient care at hundreds of healthcare practices will spotlight a variety of critical security and legal issues, says Steven Teppler, the plaintiffs' attorney, in this in-depth interview.