Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
Newly updated Food and Drug Administration guidelines will help experts to more accurately score and communicate the criticality of security vulnerabilities identified in medical devices, says Elad Luz, head of security research at CyberMDX.
In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...
As the use of telehealth continues to surge during the COVID-19 crisis, healthcare entities and their vendors must take critical steps to keep patient data private and secure, says attorney Janine Anthony Bowen.
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
As organizations increase their dependency on third-party vendors, it is more critical than ever for firms to understand how they can improve the overall effectiveness of their third-party risk (TPR) management programs.
Recently, RiskRecon and the Cyentia Institute surveyed over 150 organizations to understand the...
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
To function efficiently, complex third-party ecosystems require digital interconnectivity. Data must flow seamlessly from the requirement for goods or services, through procurement and order placement, to implementation or production. Whether it's a consumer goods manufacturer focused on ensuring product consistency...
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.
While companies across sectors have been shoring up their cybersecurity defenses with technologies, one area remains overlooked: Securing the supply chain.
The supply chain is now less of a linear chain and more of a web that extends in every direction. With digital services such as cloud providers in the mix, the...
In the face of growing cybersecurity threats, it is increasingly important to measure the cost and concentration of "exposure." Having an accurate view of the resilience of organizations and industries against cyber-attacks can help target efforts to reduce exposure to the sectors that need it most and enhance...
Did you know that 61% of data breaches are attributed to a third party or vendor? How can you be sure that the vendors, suppliers, partners, and consultants you work with have the right security in place to prevent an attack from infiltrating your system
Without clear visibility into remote networks and third-party...
Data breaches that stem from third parties, vendors, or contractors are on the rise. In fact, the increase in third-party data breaches is due to the industrialization of the cybercriminal ecosystem and innovations such as ransomware, which makes cybercrime much more profitable and easier to carry out. Plus, the tools...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.