Lawmakers on Wednesday grilled UnitedHealth Group CEO Andrew Witty over security lapses leading up to the Change Healthcare cyberattack and the company's handling of the incident, including the sectorwide disruption it caused and the compromise of millions of individuals' sensitive data.
Verizon's 17th annual 2024 Data Breach Investigations Report highlights a troubling trend: The exploitation of vulnerabilities in the wild has tripled, primarily due to ransomware actors targeting zero-day vulnerabilities, such as the MOVEit flaw that triggered numerous data theft incidents.
How do data breaches happen? The latest annual Verizon Data Breach Investigations Report, which aims to help defenders answer that question, points in part to the ever-present threat of ransomware and data extortion and charts a surge in attackers exploiting zero-day and known vulnerabilities.
SecurityGate CEO Ted Gutierrez said the SEC's new cybersecurity mandates give "more teeth to the idea that cybersecurity is a business problem." He discussed the need for CISOs to link cyber risk and business outcomes and other ways in which the rules affect the field of cybersecurity.
Deciding to pay cybercriminals a ransom in the attack on Change Healthcare was one of the most difficult choices UnitedHealth Group CEO Andrew Witty ever faced, according to written testimony ahead of two congressional hearings this week on the disruptive Change Healthcare mega-hack.
Personal branding is the practice of marketing oneself and one's career as a brand. It plays a role in how you are perceived and how you perceive yourself as a professional, and it can set you apart from other candidates. Here are tips on how to create and maintain your personal brand.
The Federal Communications Commission announced Monday that it is slapping the leading U.S. cellular providers with nearly $200 million in fines for selling customers' location data to third parties without their consent, following years of warnings from lawmakers about the apparent privacy abuses.
Forescout CEO Barry Mainz highlights the growing risks associated with OT and IoT devices and how cybersecurity strategies must evolve to address these challenges. He emphasizes the need for visibility, classification and robust risk assessment to manage these vulnerabilities effectively.
The French government could acquire a loss-making cybersecurity unit and other critical assets of Paris IT consultancy firm Atos after previous bids by competing firms fell through. Atos employs about 4,000 people and is strategically important to the French government.
Advancements in AI, blockchain and the internet of things have caused the demand for professionals who have expertise in those fields as well as in law to skyrocket. There simply are not enough experts equipped with this knowledge, and the gap presents a unique and lucrative career opportunity.
While most healthcare sector organizations hit with ransomware attacks never imagine giving in to extortion demands, the pressures they face in dealing with the crisis often push about half of them to pay, said attorney Lynn Sessions of BakerHostetler, speaking about the firm's healthcare clients.
Microsoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure. ICSpector, available on GitHub, can scan PLCs, extract information and detect malicious code.
Island co-founder and CEO Mike Fey discusses how enterprise browsers facilitate efficient business processes through cloud integrations, safeguard sensitive data effectively and deliver a user experience tailored to the needs of business environments.
After Rubrik became the first cybersecurity IPO since September 2021, company co-founder and CTO Arvind Nithrakashyap and CPO Anneka Gupta said Rubrik remain focused on cyber resilience, with investments focused on fostering long-term customer relationships and expanding the company's capabilities.
The Federal Trade Commission has finalized changes to its Health Breach Notification Rule, expanding the type of technologies that apply to regulations pertaining to non-HIPAA-regulated entities. The rule has been on the books for about 15 years, but the agency only recently began to enforce it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.