Sen. Gary Peters, D-Mich., who chairs the Homeland Security and Governmental Affairs Committee, said this week that his committee convened a virtual briefing with both CISA and National Cyber Director Chris Inglis to discuss efforts to mitigate the threat posed by the Log4j vulnerability.
The road to Zero Trust starts with an entry point on the road map. But what are the common entry points, and how might the journey unfold? Satish Gannu, CTO-Digital of Korn Ferry, discusses the Zero Trust road map with Paul Martini, CEO of iboss.
The JFrog research team discovered a new RCE vulnerability, which will be tracked by NIST as CVE-2021-42392, in the H2 database console. Although the researchers say the root cause of this critical flaw is similar to the flaw in Apache's Log4j, they believe the differences may lessen its impact.
French data protection agency CNIL has imposed fines of $170 million on Google and $66 million on Facebook for not complying with cookie regulations. The watchdog has ruled that the firms should make opting out of cookies as simple as opting in, or pay a $113,000 fine for each day of delay.
A Chicago-based fertility center has reported that a hacking incident detected in February 2021 has affected the protected health information of nearly 80,000 individuals. The breach is among the latest major security incidents involving fertility healthcare providers.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
Most organizations deploy defenses to reduce the risk of cyber threats entering their environment. But what about the threats that are already inside? Whether the result of malicious, negligent or compromised users, insider threats pose serious business risks, and most organizations just aren’t prepared.
Florida-based Ravkoo, an online pharmacy, is notifying tens of thousands of individuals that their personal information was potentially exposed in a data security incident involving the company's Amazon Web Services hosted portal.
Bernalillo County, the largest county in New Mexico, shut down its IT systems after reportedly suffering a ransomware attack on Wednesday. County officials say they are working with third-party vendors to remediate the incident. County staff are working remotely as systems are restored.
A proposed class action lawsuit has been filed against a practice management and electronic health records vendor in the wake of a 2021 cyberattack affecting nearly 320,000 individuals. Among other demands, the lawsuit seeks a long list of security improvements by the company.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
Where are security practitioners in their zero trust journeys, and what approach to zero trust have they taken? Three experts - Netskope's David Fairman, Exceture's Mario Demarillas, and Petronas' Soumo Mukherjee - share their thoughts in a panel discussion.
Amid the current ransomware surge, it's time for the principle of least privilege to meet endpoint security and be a new foundational security control, says David Higgins of CyberArk. He outlines the cybersecurity use cases and potential business benefits.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.