Because the legal relationships between healthcare organizations can be very complex, it's not always crystal clear when business associate agreements should be in place to help safeguard patient data, says privacy attorney Adam Greene. He explains the legal issues in this in-depth interview.
Britain's privacy watchdog agency has slammed the telecommunications company TalkTalk with a record fine of £400,000 ($511,000) for multiple information security failings that allowed a hacker to bypass access controls and exfiltrate customer data "with ease."
Britain has launched a new National Cyber Security Center to help U.K. organizations better respond to cybersecurity incidents. But Brexit is imperiling intelligence-sharing arrangements that help the U.K. battle attacks and track cybercriminals.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Enterprises should employ new modeling, simulation and intelligence tools to provide insight into potential exploitable attack vectors before an incident occurs, Michelle Cobb, vice president at Skybox Security, says in a video interview.
Want to build a cybercrime empire predicated on selling stolen payment card data? Here's how carder forum Vendetta Network blends outsourcing, partnerships and best-of-breed tools to maximize profits while minimizing risk.
Blunting Yahoo's attempt to blame nation-state attackers for its record-breaking breach, security firm InfoArmor says it's traced the 2014 hack to a cybercrime gang that's quietly resold the stolen data several times over.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
The more than 11,000 financial institutions that use the SWIFT interbank messaging network must annually prove they comply with its new cybersecurity standards or face being reported to regulators and business partners.
The latest ISMG Security Report leads off with a segment in which Managing Editor Jeremy Kirk explains that the massive Yahoo breach not only exposed the accounts of a half-billion customers, but also the weaknesses in the way enterprises employ hashed passwords.
Why are hacked healthcare records so valuable? It's because stolen patient records often end up for sale on the deep web as part of information packages called "fullz" and "identity kits" used by fraudsters to commit a wide variety of crimes, says James Scott of the Institute for Critical Infrastructure Technology.