Many healthcare organizations that are up for renewals of cyber insurance policies are seeing big increases in premiums and a long list of new security requirements from their carriers, says Mac McMillan, who recently returned as CEO of the consultancy CynergisTek.
Joey Johnson, CISO of Premise Health, a Brentwood, Tennessee-based provider of online healthcare services, outlines a three-pillar security program in which "identity is the central aspect."
At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.
Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.
The answer to the increasing volume of challenges is not to just add another tool into the mix, it's to add the tools the organization is already using into an integrated cohesive mix.
Healthcare organizations need to take several critical steps to help mitigate the risk of ransomware attacks, including implementing EDR software and regularly testing the integrity of their backups, says Mitch Parker, CISO of Indiana University Health.
With more than 61% of breaches attributed to stolen passwords, a password manager can go a long way in helping enterprises enhance security, say Chandan Pani, CISO at Mindtree, and Lloyd Evans, identity lead, JAPAC, at LogMeIn.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
As chief security scientist and advisory CISO to security vendor Thycotic, Joseph Carson is well aware of risks employees will take to get their jobs done. He's just authored a new ethical hacker's guide to help enterprises plug their holes - before their adversaries breach them.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
As cyberattacks continue to surge, federal regulators are reminding healthcare organizations of the importance of implementing strong identity and access management practices, policies and controls.
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.