In an in-depth interview, John Halamka, M.D., the former long-time CIO at Beth Israel Deaconess Medical Center in Boston, discusses his upcoming move to head Mayo Clinic's global digital health initiative in collaboration with Google - and why privacy and security are so critical to those efforts.
Investigations of two apparently unrelated phishing-related breaches that affected members of Presbyterian Health Plan have revealed the incidents had an even bigger and broader impact than originally thought. This underscores the challenges organizations can face when assessing the true impact of breaches.
The FBI has a new suspect in its sights, and there's one in nearly every home: smart TVs. It warns consumers to be wary because the devices can pose privacy and security threats - an unsecured smart TV could be the avenue hackers use to gain access to a home network.
What are the key mobile security threats to financial organizations, and how are these enterprises marshalling their mobile threat defense? These were the questions posed by ISMG and Wandera to security leaders in San Francisco. Wandera's Michael Covington discusses the response.
The EU's second Payments Services Directive is alive and well. But where are financial institutions now re: compliance and enforcement? James Rendell of CA Technologies, a Broadcom company, offers insight on PSD2 and EMV 3DS compliance for 2020.
As a security leaders, too often you are brought to the table after a digital transformation project has been initiated, so you are forced to take a reactive position. But Adam Bosnian of CyberArk sees an important, proactive role for security. And a good start is by ensuring privileged access management is a key...
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to Blackberry Cylance. Analysts have observed evidence of the threat actors attempting to deliver ransomware with the 'PyXie' Trojan.
Organizations that suffer a security incident must be prepared to rapidly respond. Here are eight incident response essentials they must follow, from executing their breach response and notifying stakeholders to activating external service providers and working with regulators.
German software giant SAP has apologized after a software update mistakenly assigned higher-level privileges to some users within New Zealand's firearms buy-back database, exposing personal details for gun owners. The system has been shut down by police.
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.
This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.