The recent Colonial Pipeline ransomware attack illustrates the vulnerability of the nation's critical infrastructure, says Richard Stiennon, a research analyst and the author of "Security Yearbook 2021: A History and Directory of the IT Security Industry."
With cyber incidents involving vendors - including cloud services providers - surging, healthcare entities must step up scrutiny of their business associates as well as those companies' subcontractors, says Thad Phillips, CISO at Baptist Health Care in Pensacola, Florida.
Diving into the Colonial Pipeline ransomware attack - culprits, impact, recovery, and the increasing political firestorm it’s triggered - is the focus of the latest edition of the ISMG Security Report. Security leaders weigh in on the attack's significance and potential long-term ramifications.
A recently launched vulnerability disclosure program is a critical component of Toronto-based LifeLabs' efforts to bolster the security of its medical diagnostic laboratory services and online technologies used by healthcare providers across Canada, says the company's CISO, Mike Melo.
The faces of fraud have changed, and so have the defenses. But improved protection doesn’t have to mean a diminished customer experience. Soudamini Modak of LexisNexis Risk Solutions discusses the latest fraud trends and how to hone defenses.
Tom Kellerman of VMware Carbon Black shares his opinions about whether a nation-state was behind the recent ransomware attack on Colonial Pipeline and what the U.S. government should do to prevent other cyberattacks.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
With all the talk of sophisticated adversaries and evolving threats to users and devices – what about threats to building management systems? Jeremy Morgan of Industrial Defender discusses this threat landscape and the role of automated tools to defend it.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Phishing, online fraud, cryptocurrency scams – they are coming at lightning speed, threatening enterprises and their brands. And just as fraudsters rely on automation to deliver these attacks, defenders can use automated tools to protect their brands. Jeff Baher of Bolster tells how.
The federal ban on funding for a national unique patient identifier adds to the complexity of customer identity and access management, especially when dealing with new patients during the COVID-19 pandemic, says Aaron Miri, CIO at UT Health Austin.
Attackers targeting the healthcare sector are frequently exploiting unprotected internet-facing databases and unsecured network devices, including "shadow IT," says David Sygula, a senior analyst at the security firm CybelAngel.
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
“Work from anywhere” is a game changer, and it has significant impacts on certificate lifecycle management. Patrick Nohe of GlobalSign discusses the new, strategic approach security leaders need to take for CLM.