It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.
Because vendors were implicated in many of the largest health data breaches in 2019, it's more critical than ever for healthcare organizations to manage the security risks posed by their suppliers, says Erik Decker, CISO and chief privacy officer at the University of Chicago Medicine.
When he was CEO of RSA, Art Coviello warned global security leaders about cyber warfare among nation-states. What he didn't anticipate was how quickly social media would rise, enabling adversaries to weaponize misinformation. How does this impact his 2020 outlook?
For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
The year 2019 saw a marked increase on breach responses services for small-to-midsized businesses. Kristin Judge, CEO of the Cybercrime Support Network, outlines the state of cybersecurity for the midmarket.
Healthcare organizations must carefully vet their medical device suppliers to scrutinize how they're handling the security of legacy products and the lifecycle design of new devices, says consultant Kim Hirsch of Fusion Risk Management.
Tom Kellermann, former cybersecurity adviser to the Obama administration, doesn't mince words when he describes the nation-state threat to the U.S. as the "axis of evil in cyberspace." Nor does he hold back about the threat from destructive attacks, 5G deployment and other trends to watch in 2020.
The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola. But Canadian construction firm Bird, which was listed as a victim, subsequently disappeared from the list.
MasterCard will acquire security startup RiskRecon for an undisclosed sum, the two companies announced Monday. The deal will allow MasterCard to offer third-party risk assessment to its business customers and consumers.
Ransomware: It's the cybercrime "gift" that won't stop taking. What can organizations do to improve prevention, detection and response in 2020? Ex-FBI leader MK Palmore of Palo Alto Networks shares his insights.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.