The sheer volume of federal regulations in place makes it almost impossible for agencies to monitor and comply with all of them, much less understand the impact of new ones. Nick Graham of Skyhigh Security explores the many compliance challenges - and how to overcome them.
Rules coming in April could require publicly traded companies to disclose a breach within four days of deeming it material as well as board member cybersecurity expertise. The SEC in March 2022 proposed a mandate that companies disclose "material" incidents within four business days of discovery.
Silicon Valley Bank's new owner plans to double down on business with venture capital and private equity firms and the portfolio companies they serve. VC and PE-focused business accounts form the largest segment of the combined $143 billion loan portfolio of First Citizens and Silicon Valley Bank.
The U.S. government limited its use of advanced surveillance software such as Pegasus through an executive order prohibiting agencies from buying licenses for spyware used by foreign governments to spy on dissidents. The order does not outright stop the government from purchasing spyware.
Cybersecurity startups that for decades turned to Silicon Valley Bank in a pinch will now find themselves working with a 125-year-old, North Carolina-based institution. First Citizens Bank has bought all Silicon Valley Bank deposits and loans from the FDIC, which rescued the bank after its collapse.
The Federal Trade Commission's recent actions against two companies in separate health data privacy cases are significant developments signaling the FTC's "aggressive push" to enforce violations involving disclosures of consumer health data to third parties, said attorney Kirk Nahra of WilmerHale.
In the latest "Proof of Concept" panel discussion, two Capitol Hill observers at Venable, Grant Schneider and Jeremy Grant, join Information Security Media Group editors to break down the Biden administration's new U.S. national cybersecurity strategy and answer the question, "Is it really viable?"
Britain's National Cyber Security Agency is examining TikTok to help the government finalize its decision to ban the Chinese video-sharing app from federal networks, the country’s security minister, Tom Tugendhat, revealed. The agency is looking into the app's ownership and security features.
A leader of an international crime network that attempted to launder more than $25 million in fraudulently obtained funds, including through business email compromise, received a sentence of more than a decade in prison. Valentine Iro, 34, pleaded guilty to conspiracy to engage in money laundering.
The Australian government says it will centralize its approach to securing federal agencies by appointing a coordinator to head the new National Office for Cyber Security within the Department of Home Affairs. The appointment comes after back-to-back major data breaches.
A top U.S. government official urged industry to become more conscientious over cybersecurity by preventing vulnerabilities from accumulating before products ship. CISA head Jen Easterly called for a more assertive role for government and an industrywide shift to memory-safe programming languages.
A campaign targeting government entities in the Asia-Pacific and North America regions with an info stealer hosted on a Discord server shares infrastructure with a campaign that used Microsoft OneNote to deliver malware. Menlo Security says the unknown threat actor doesn’t seem to be a major player.
Gartner says by 2025, 50% of companies will be using MDR. What's the compelling business case, and how does it translate to meet the needs of public sector entities? Rob Lalumondier of Sophos shares five reasons to use MDR, as well as key questions to ask when selecting a provider.
As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators. Ransomware victims must conduct due diligence before paying any ransom, as violating sanctions carries severe penalties.
The insider threat hacker who attempted to extort $1.9 million out of Ubiquiti Networks faces sentencing in May after pleading guilty to three crimes in federal court. The hacker, Nickolas Sharp, was the company's cloud lead and was on the team remediating the security incident he caused.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.