New industry guidance provides a detailed road map to help healthcare sector entities respond to and recover from cyberattacks involving extended IT outages, say Lisa Bisterfeldt and Kirsten Nunez, who are members of the Health Sector Coordinating Council task force that developed the resource.
Charles Sello Kungwane is the city of Johannesburg municipality's group head, focusing on ICT cybersecurity, audit, risk and governance. He discusses how the role of a CISO melds with that of other C-suite executives and describes his current and future security plans for the municipality.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
John Riggi, national adviser for cybersecurity at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, explain why threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally.
Smartphones used by Spain's prime minister and defense minister were infected with Pegasus spyware built by Israel's NSO Group, government officials allege. The discovery follows human rights researchers finding Pegasus infections targeting Catalonians, likely traceable to the Spanish government.
Auditors have once again rated the Department of Health and Human Services' information security program as "not effective," citing several areas of weaknesses, including issues related to risk management, information security continuous monitoring and contingency planning.
As one embarks on a zero trust journey, it's best to start with a network approach, according to Amit Basu, who is vice president, chief information officer and chief information security officer at International Seaways, a New York-based tanker company.
As ransomware-wielding attackers continue to target businesses large and small, the organizations that respond best and escape most unscathed from such attacks are those that already have in place well-honed, rehearsed plans, says ransomware expert and attorney Guillermo Christensen of Ice Miller.
New cyber incident reporting rules are set to come into effect in the U.S. on May 1. Banks in the country will be required to notify regulators within 36 hours after an organization suffers a qualifying "computer-security incident." What does this mean for banks, and what are the likely challenges?
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
In this edition, four ISMG editors discuss important cybersecurity issues, including how virtual currency Monero is becoming the main alternative to Bitcoin as the crypto choice for criminals, the challenges involved in an identity-centric Zero Trust approach and how to influence change in culture.
Don't stockpile cryptocurrency in case your organization falls victim to ransomware-wielding attackers and opts to pay a ransom. This might seem obvious to anyone aware of the volatility in Bitcoin's value, but some organizations reportedly used to employ this incident response strategy.
The healthcare industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency. Errol Weiss of Health-ISAC says the industry as a whole lacks resources.
Ransomware attacks have come storming back after experiencing their typical end-of-the year decline. Security researchers report that the greatest number of known victms has been amassed by Lockbit, followed by Conti, Hive and Alphv/BlackCat.
There were no CISOs when Marene Allison started her career. There was not even a cybersecurity discipline. But starting with a distinguished stint in the military, she has progressed through the public and private sectors - including time with the FBI - to become CISO for Johnson & Johnson.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
