Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
New York-Presbyterian has more than 72,000 medical devices from over 1,400 manufacturers, says CISO Jennings Aske. Given that scale, how can a security leader help ensure device cybersecurity? Aske shares his view of what's needed from manufacturers and the government.
The U.S. Food and Drug Administration issued cybersecurity expectations for manufacturers of medical devices. But ow are those expectations being met, and what is the FDA's ongoing role in improving device security? The FDA's Suzanne Schwartz offers an update.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
It's been seven years since Dale Nordenberg, a pediatrician, became involved in the drive to improve medical device security. What progress does he see among manufacturers, government agencies and healthcare providers?
Compared to the mega-breaches that hit the healthcare sector in 2015 and 2016, the top 10 breaches reported for 2017 were far smaller. Security experts analyze whether that's really a sign of progress.
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even though SSH keys are the credentials that provide the most privileged...
Federal regulators have set up online resources to help healthcare providers as well as consumers navigate circumstances under which HIPAA permits a covered entity to disclose mental health or substance abuse information to a patient's family members and caregivers.
Crowdsourced cybersecurity, specifically bounty-based collaboration between organizations and white-hat hackers, is a burgeoning method of security reinforcement utilized by tech giants such as Google, Apple, and Microsoft, as well as other major companies in recent years.
Instead of awaiting a malicious breach,...
Denial of Service, web application layer attacks, credential abuse and IoT - these are the attack trends and vectors that will make headlines in 2018.
Download this whitepaper and learn:
Top attack types and vectors seen in 2017;
Volume and types of attacks to expect in 2018;
The role IoT will play in attacks to...
Even the most well-intentioned employees risk leaking sensitive data or inadvertently letting in malware that can wreak havoc on your network and systems.
Give your employees the proper training and knowledge to make them your most important line of defense against cyber threats.
Download this checklist and...
When a healthcare system wanted to ensure HIPAA/EDI compliance, they undertook a risk assessment to better understand their security posture. They uncovered sensitive data being sent out over the internet instead of through a secure channel which had been set up.
Download this case study and learn how SCHS was able...
Healthcare is the only industry where employees are the primary reason for a data breach. A variety of motives including monetary gain, negligence or the need to access patient data quickly lead to Patient Health Information (PHI) loss.
Download this whitepaper and learn:
Real world scenarios that put PHI data at...
Complicating healthcare compliance efforts is the growing trend of migrating patient data to cloud storage and hosted applications such as Health Information Exchange systems. The cloud lowers costs and improves efficiency, but widens the attack surface for data breaches.
To counter this challenge, download this...