As healthcare organizations across the U.S. respond to the COVID-19 crisis, the list of security and privacy challenges CISOs face continues to grow. Mitch Parker, CISO of Indiana University Health, provides an update on the changing risk management landscape.
When it comes to threat hunting, what are the complementary uses of SIEM and EDR technologies? What are the unique use cases for each, and how can they coexist? Sam Curry of Cybereason shares tips in advance of a virtual roundtable discussion.
Zoom, responding to research that highlighted encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls. With COVID-19 driving a surge in working from home, researchers have been closely reviewing the security of such software.
A security researcher found 10 flaws within HP's Software Assistant Tool, which is installed across HP's desktop and laptop computers. Bill Demirkapi, who found the flaws, says the software is risky because only seven of the flaws have been patched by HP.
True predictive analysis is difficult - and it sometimes takes years of learning and data modeling to get it right, says Derek Manky, chief of security insights and global threat alliances at Fortiguard Labs.
Those who hack video conferences, such as via "Zoom bombing," are violating federal and state laws and could face prosecution, U.S. law enforcement officials say.
As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.
Metrics can help CISOs clearly communicate the potential impact of risks to senior executives and win support for a risk management strategy, say Randall Frietzsche, enterprise CISO of Denver Health, and consultant Dave Bailey of CynergisTek, who describe a step-by-step approach in a joint interview.
With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice.
A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
Healthcare professionals are on the front line in the war against COVID-19, and cybersecurity leaders bear unique pressure to support and secure their efforts. But amid this crisis, Anahi Santiago, CISO of ChristianaCare, also sees tremendous strides in telehealth delivery.
As April begins, enterprises are starting to re-evaluate their COVID-19 response plans, says crisis management expert Regina Phelps. What are the other pandemic response planning phases we can expect to see as infections spread and quarantines continue?
A Magecart group has been using a new skimmer technique to target the online checkout sites of smaller businesses in order to steal credit card data, according to RiskIQ researchers, who have spotted 19 of these malicious JavaScript attacks so far.
Researchers at security firm Guardicore Labs are tracking a botnet they call Vollgar that's targeting devices running vulnerable Microsoft SQL Server databases with brute-force attacks and planting cryptominers in the infected databases.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.