Phishing, ransomware and unauthorized access continue to be the leading cyber causes of violations of data protection rules and personal data breaches, Britain's privacy watchdog reports. U.K. authorities say that breach reporting to regulators and law enforcement agencies remains relatively steady.
Another big wave of large breaches stemming from hacking incidents, including ransomware attacks, has flooded the federal tally of major health data breaches in recent weeks.
The key to reducing "alert fatigue" is to make sure alerts are repeatedly validated before they're distributed, says Chris Kubic, CISO at Fidelis Cybersecurity, who formerly served as CISO at the U.S. National Security Agency.
Network intrusion displaced phishing as the leading hack-attack tactic last year, while ransomware continued to surge as the pandemic complicated incident response efforts, says BakerHostetler's Craig A. Hoffman, who describes trends from the 1,250 incidents his firm helped manage.
The U.S. Department of Homeland Security is preparing cybersecurity regulations for the oil and gas industry in the wake of the ransomware attack on Colonial Pipeline Co. that resulted in the company suspending operations for several days, according to The Washington Post.
Ransomware attacks are stuck on repeat: Criminal syndicates have found an extremely profitable business model, and they're milking it for all it's worth. So give the city of Tulsa, Oklahoma, credit for having in place robust disaster recovery capabilities and vowing to remediate, rather than pay criminals.
Although many companies are deploying extended detection and response, or XDR, their efforts often are coming up short, says Richard Stiennon, chief research analyst at IT-Harvest.
Alaska's Department of Health and Social Services is the latest in a series of public health departments hit by cyberattacks in recent weeks. Why are these government agencies experiencing so many breaches lately?
In the wake of recent attacks on supply chains and critical infrastructure, Adrian Mayers says it's time for cybersecurity to be seen as an issue of national defense, and that cybersecurity leaders throughout the private and public sectors must embrace their role to protect national interests.
A data security incident involving a Canada-based insurer that provides comprehensive health coverage to students studying abroad shines a light on complex international regulatory issues companies can face in the wake of a data breach.
Want to stay well-protected against emerging cybersecurity threats? Keep a close eye on the latest headlines, says BlackCloak's Chris Pierson, who recommends organizations continually refine - and practice - their incident response plan based on the latest real-life attack scenarios.
Troels Oerting, a veteran CISO who most recently served the World Economic Forum, has a storied career. He's been there, done that and mitigated the risk. In this exclusive conversation, he shares his opinions on today's threats, emerging technologies and challenges for the next generation of security leaders.
A recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they used it regularly. This led to development of the new MITRE ATT&CK Defender training and certification. Rick Gordon of MITRE Engenuity explains.
Security orchestration, automation and response technologies, or SOAR, give organizations the ability to manage an increasing number of alerts. But security experts say there's no worry that SOAR will replace people. In fact, SOAR could help with staff retention.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.