Not all that crashes has been hacked. To wit, this past weekend there were multiple major outages, including much of Argentina and Uruguay going dark, as well as U.S. retailer Target's system problems leaving customers unable to pay for goods. But none of these outages were due to cyberattacks.
Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.
Crowdsourced bug bounty programs help organizations identify severe vulnerabilities in their apps and infrastructure. But that gamification model has been evolving to supply not only penetration testing but also deep dives by single researchers, says Bugcrowd CSO David Baker.
A top cybersecurity imperative for organizations is to "take proactive mitigation before an event even occurs" by tracking attack trends and mitigating against emerging types of attacks, says Akamai's Jay Coley.
ISMG's Healthcare Security Summit, to be held in New York on June 25, will feature a top-notch roster of expert speakers, including regulatory and law enforcement authorities, CISOs from leading healthcare provider organizations and technology thought leaders.
The threat landscape continues to evolve, says Chester Wisniewski of Sophos. "The more professional, the more skilled criminals out there are moving, seemingly, away from this 'spray and pray' mass exploitation approach and getting more targeted. It's what I call a blended threat."
In today's highly connected, cloud-based environment, application security is more critical than ever, says Jeff Williams, co-founder and CTO of Contrast Security, who explains why.
Hacking and extortion attempts against organizations have unfortunately become all too commonplace these days. On Tuesday, an unlikely victim went public: the British band Radiohead. But was the band really a hacking and extortion victim?
Online invitation site Evite has been hacked and information on an unspecified number of users stolen. In a data minimization fail, the breach apparently dates from earlier this year, but it's been tied to "an inactive data storage file associated with Evite user accounts" from before 2014.
Organizations and their applications are under attack from automated bots and bad actors. And many of these attacks are undetectable by conventional security technologies. How can organizations detect and prevent this activity? Carl Gustas of Cequence Security shares insights.
Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
The right authentication controls at the right time for the right transactions - the adaptive authentication message is taking off, says OneSpan's Tim Bedard. And here are some quick wins organizations might focus on when starting down the path.
Infosecurity Europe returns to London June 4-6, featuring more than 230 sessions over three days covering a range of topics, including application security, automation, data protection, risk management, incident response and threat analysis. Here's a preview of 11 hot sessions.
The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.