Protecting 4 million patient records from breaches takes a multifaceted approach, says Bredai "Dai" Snyder of Care Coordination Institute, who describes three of the most critical elements.
Whether it's insider or third-party vendor access, organizations are realizing they need to do more with their privileged accounts and systems. But traditional approaches often leave organizations with wide gaps in security. Sam Elliott of Bomgar explains what companies need to look for when it comes to access...
Technologists are wrangling with an identity puzzle: Is it possible to create a single digital identity that can be seamlessly and securely used at a bank, a hospital or consumer websites? It's the holy grail of identity. But experts say blockchain is likely not the answer right now.
Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.
Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
From worsening ransomware attacks to deepened concerns about external digital risk, former AT&T CISO Ed Amoroso says 2018 will be a challenging year, and security teams need to be building out their resiliency plans to prepare for what's ahead.
So, what can we expect next year? Privacy expert Rebecca Herold offers her predictions for the 11 most significant healthcare information security and privacy events that will occur throughout 2018.
Healthcare technology has made leaps and bounds in terms of its ability to improve patient outcomes, and yet many technologies are being deployed before security concerns can catch up.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
Organizations must consider using privileged access controls throughout their entire "stack" of applications, as well as during the app development stages, says Andy Givens of CyberArk.
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
Managing privileged access is a much bigger and more complex job today than it was even just a few years ago, says Scott Walker of Bomgar Corp., who offers insights on factors to consider.
To be successful, the quest to mitigate insider threat risks must start at the time employees are hired and continue as they move into different positions requiring varying degrees of data access, says Suzanne Widup of Verizon Enterprise Solutions.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.