The U.K.'s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web. The ICO found that the health insurer's CRM system lacked adequate security controls.
A case involving alleged insider theft of protected health information from a hospital in New York illustrates why healthcare organizations need to take extra precautions to prevent similar incidents. Security experts offer recommendations.
There has been much speculation (not to mention exaggeration) over recent years about the fabled dark web. We've heard how this shady underworld is the refuge of the cybercriminal elite and even nation state threat actors.
But beyond the hype there is the potential for dark web sources to reveal valuable...
11 Questions to Answer Before You Invest
Threat intelligence done right gives you a window into the world of your adversary. Vendors and service providers are aiming to empower organizations by alerting them to the specific threat vectors and attacks they face, as well as how they should be prioritized for...
Having access to threat intelligence can arm you to make more
confident, risk-based decisions. However, simply having it is not
enough. 58 percent of organizations have had some kind of threat
intelligence program for at least two years, but struggle to
operationalize the intelligence efficiently - 39...
Despite increasing investment in security tools, organizations are still getting breached - and so many of those breaches, whether organizations realize it or not, are ultimately due to the human element.
The 2018 Insider Threat Intelligence Report collects findings from Dtex's User Threat Assessments across the...
When trusted insiders are accessing your valuable digital resources, you need to know who they are and what they're doing and you need to know if resources have been compromised.
Download this eBook and learn how to look for these tell-tale signs:
Theft and corruption: Insiders are behaving badly
Damaging...
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the...
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Randy Trzeciak, director of the CERT Insider Threat Center at CMU, says he's frequently asked: "Haven't we solved the insider threat problem?" Far from it, he responds. In fact, he's helping many organizations start insider threat defense programs. He'll be a speaker at ISMG's New York Security Summit.
The National Cybersecurity Center of Excellence (NCCoE) at NIST has created a series of free resources touting best industry practices that utilize the latest technology, automation and system controls to guide industry professionals through minimizing their cyber risks and identifying threats. These practices go a...
A Shift Toward a Human-Centric Approach to Information Security
Every IT security department's job, to protect data, has become more challenging as the security perimeter has dissolved with the adoption of cloud applications. The traditional threat-centric approach is to apply rigid policies to a dynamic...
An Equifax software engineer has settled an insider trading charge with the U.S. Securities and Exchange Commission after he allegedly earned $77,000 after he made a securities transaction based on his suspicion that the credit bureau had suffered a data breach.
Behavioral analytics have taken the fast lane from emerging tech to mature practice. And Mark McGovern of CA Technologies says the technology is being deployed in innovative ways to help detect insider threats.
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
