Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
In the post-digital transformation world - and in advance of the coming of quantum computing - it's time to future-proof cybersecurity by nurturing a culture of security. Dean Coclin of DigiCert discusses how banking institutions can embrace this change.
In this interview with Information Security Media Group,...
It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Cryptocurrency hackers are shifting their focus from bitcoin to other tokens and newer blockchain services such as cross-chain bridges for illicit activity. Why is the oldest crypto token so unappealing to hackers these days, and what do other options offer? Ari Redbord of TRM Labs explained.
President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the obstacles is a new Counter-Espionage Law focused on investigating foreign companies.
Resilience, not just compliance, is becoming healthcare's primary goal in managing cyber risk. Moving to a more resilient state requires continuous cyber risk management, which requires knowing how an adversary thinks and attacks to ensure that the appropriate safeguards are in place.
Federal regulators and medical device maker Becton, Dickinson and Co. are warning about eight vulnerabilities that could allow an attacker to compromise BD's medication infusion product suite, potentially putting data and device integrity at risk if exploited.
Suspected Chinese hackers gained access to senior U.S. officials' emails by exploiting a zero-day vulnerability in Microsoft's cloud environment. While Microsoft said customers couldn't have prevented the attack, the U.S. government says logging was key to spotting it.
In the latest weekly update, ISMG editors discuss the complex task of phasing out magnetic stripe payment cards and why the United States lags behind, the great debate over best of breed vs. a single platform vendor approach, and AI insights from Palo Alto CIO Meerah Rajavel.
Life sciences firms, including pharmaceutical companies, are facing growing challenges in securing complex sets of sensitive data, including genomic information, said H-ISAC's Phil Englert, one of many high-profile speakers who will discuss industry trends at ISMG's upcoming Healthcare Summit 2023.
Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Researchers are warning of an uptick in attacks using a series of malicious Microsoft Office documents designed to drop LokiBot, an information stealer capable of sweeping up credentials. LokiBot has been active since 2015 and specializes in information stealing through malicious email attachments.
Russian hacking group Armageddon has upgraded its skills to simultaneously target several thousand Ukrainian government information systems. CERT-UA said the hackers infected Microsoft Office Word to generate 80 to 120 malicious documents within a compromised system to multiply the infection.
Based on the 1,862 U.S. data breach notifications issued in the first half of this year, 2023 looks set to break multiple records, especially as more breaches come to light due to the Clop ransomware group exploiting a zero-day flaw in widely used MOVEit file transfer software.
As U.S. government agencies migrate operations and apps to multi-cloud environments, there are lessons learned to be gained from their private sector counterparts. John Sellers of Cisco shares some of these lessons, as well as questions government security leaders need to be asking about the cloud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.