"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
A former Army contractor has been sentenced to two years in federal prison after admitting causing more than $1 million in damage by accessing servers and data that belonged to a Pentagon client of his employer, according to the Justice Department.
The city of Baltimore's ransomware outbreak - $18 million in costs and counting - led to many crypto-locked files being lost forever, because no IT policy mandated centralized file backups. But effective IT solutions exist to help solve this challenge, provided they're deployed in advance of an attack.
Proponents of the potential adoption of a national unique patient identifier had been hopeful that the Senate would follow the House's lead in lifting a 20-year ban on funding for federal regulators to work on development. But now they face two substantial hurdles.
Artificial intelligence technologies that provide surveillance capabilities can have upsides as well as downsides. Unfortunately, as developers and governments rush to experiment, security, privacy, data protection and liability questions remain unanswered.
As cybercriminals adopt new methods to steal and manipulate victims' identities, the U.S. financial services industry needs to rethink how to protect customers' information using emerging technologies, such as artificial intelligence, security experts testified at a recent U.S. House committee hearing.
Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Cybercriminals are "upping their game" by stealing and then auctioning off on the dark web administrative access credentials to healthcare organizations' clinician and patient portals, says Etay Maor of IntSights.
Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov. 4.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
Applying a "zero trust" model is fast becoming essential for organizations as the mobile workforce uses a variety of devices to access applications and services running in-house and with external providers, says Duo Security's Jaret Osborne.
When crafting an identity and access management strategy, organizations need to balance the need for improved security with giving employees the freedom they need to do their jobs, says John Bennett of LastPass by LogMeIn.
More organizations are applying a highly automated "zero trust" model to ensure that they only give the right amount of privilege to the right user for the right amount of time, says Markku Rossi, CTO of SSH Communications Security.
The decline of the network perimeter as the cornerstone of enterprise cybersecurity means that CIOs and CISOs are increasingly focusing on identity to ensure that only the right people connect to systems, says Okta's Clare Cunniffe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.