Insider threats pose high risks to all enterprises. No organization, regardless of size, industry or region, is immune. With all the advantages that the digital age has brought us (and they are many) it has also brought a rise of highly damaging data breaches, from both internal and external sources.
Regardless of...
Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
VASCO Data Security's Scott Clements on Aligning Security with User Experience
With great efficiencies and cost savings also come great threats and fraud risks. This is today's digital reality, and it is why cybersecurity and the user experience need to be aligned to create digital trust, says Scott Clements of VASCO...
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Most organizations that enable users to perform online transactions have implemented security measures to address fraud. Currently, one of the most common safeguards used in a wide array of products/services is two-factor authentication (2FA).
In recent years, 2FA has become employed by global tech leaders like...
Behavioral biometrics has been getting a lot of attention recently due to its ability to uniquely address the challenges posed by social engineering, account takeovers and malware. It is already considered the third most popular biometric technology (after finger and face) and tied with iris.
Nonetheless, as an...
As mobile devices eclipse computers and laptops as the preferred method of going online, fraudsters have followed users, porting their modus operandi -account takeover, social engineering, and malware based remote control attacks - to the mobile arena. Thus, hackers have many more opportunities to perpetrate fraud and...
Many IT professionals use remote administration tools to troubleshoot and fix PC problems remotely, just as if they were sitting behind the keyboard themselves. But these tools are also used for different purposes today. Both nation states and hacktivists use modified these tools, creating Remote Access Trojan's...
Targeted breaches are increasing and they share a common thread- a kill chain that exploits privileged users and their credentials to gain access to sensitive systems. Steve McCullar of CA Technologies discusses how privileged access management can break that kill chain.
McCullar, an Advisor for CA Technologies...
Firewall complexity is leaving companies exposed. The technology to keep company networks safe exists, but it isn't being managed properly. Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating...
Building a Zero Trust (ZT) network where security permeates the entire digital ecosystem, rather than assuming an internal trusted network and managing an external untrusted network, has become paramount. Forrester advocates that Next-generation firewalls (NGFWs) are critical to architecting a ZT network, but the...
As cyber threats become more complex in nature and the attack surface grows, enterprises are shifting to a risk-centric threat identification, containment, and remediation security strategy, prioritizing investments in tools and capabilities to detect threats and respond to incidents faster and more...
The indictment of a former paramedic in a narcotics case calls attention to the potential threats posed by insiders who abuse their access to information systems that support patient treatment.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.