Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.
As if the healthcare sector doesn't have enough technology problems, the global IT outage caused by a faulty CrowdStrike software update has forced some hospitals and other medical facilities worldwide to resort to manual downtime procedures and cancel patient procedures.
Federal agencies including CISA rushed on Friday to provide IT support to critical infrastructure sectors in the U.S. while resolving their own system disruptions caused by a faulty update pushed to Windows PCs by the Texas-based cybersecurity firm CrowdStrike.
In this special edition of the ISMG Editors' Panel, CyberEd Board member Ian Thornton-Trump joined editors to discuss the fallout from the massive CrowdStrike IT outage, the reaction from the tech industry and how we can learn from the incident and create more resilient operations.
An M&A due diligence process must include a comprehensive cybersecurity risk assessment, including all assets, threats, vulnerabilities and control measures, said Bradley Schaufenbuel, vice president and CISO at payroll and HR solution company Paychex.
What's the best strategy for exploiting a known vulnerability in ransomware to help victims decrypt their files for free? That question continues to recur as researchers discover such vulnerabilities and then must weigh whether or not to publicize the flaws, which tips off the ransomware operators.
Jana Partners announced a "significant" stake in Boston-based Rapid7 on Wednesday and plans to push the vulnerability management firm to sell itself. The activist investor is working with investment firm Cannae Holdings and wants Cannae to team up with a private equity firm to buy Rapid7.
Acronis President Gaidar Magdanurov discusses the need for immutable backups in the current threat landscape and highlights the benefits of integrating security measures with backup systems to facilitate automated recovery from ransomware attacks and minimize downtime.
Crisis management is a crucial skill for organizations and CISOs. It starts with understanding the business and tailoring plans to its needs, according to Stuart Seymour, group CISO and CSO, Virgin Media O2. He recommends rehearsing plans with leadership and regularly updating them.
Paul Peters, detective superintendent and managing director at The Cyber Resilience Center for Wales, outlines strategies to enhance cyber resilience, particularly for SMBs and micro-businesses. Organizations must focus on preparedness, partner collaboration and basic security measures, he says.
The chaos experienced by thousands of healthcare organizations in the wake of the massive Change Healthcare cyberattack and IT outage in February is proof that most organizations are simply unprepared for such devastating incidents, said Bryan Chnowski, deputy CISO at Nuvance Health.
Many healthcare organizations have discovered major gaps in business operations preparedness - the ability to quickly rebound from major IT disruptions, such as those caused by the Change Healthcare cyberattack. Jigar Kadakia, CISO of Emory Healthcare, said it's time to come up with a Plan B.
The latest ransomware attack that led to pathology service outages at multiple London hospitals underscores the need for more robust healthcare sector security and resilience measures, including threat hunting, said Andrew Cooke, director of information security services at Acacium Group.
A study investigating the impact of ransomware attacks on hospitals and the ripple effect on nearby facilities is a call to action for policymakers to seriously address how those assaults can be better handled in the health sector, said researchers Rahi Abouk and David Powell.
Live from Infosecurity Europe Conference 2024 in London, ISMG editors and special guest CISO Ian Thornton-Trump close the event by discussing key topics including progress on AI-based cybersecurity solutions, efforts to help organizations boost resilience, and the looming specter of new regulations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.