An analysis of FBI Director Christopher Wray's comments about how encryption poses complications for law enforcement officials leads the latest edition of the ISMG Security Report. Also featured: The former CISO of the state of Michigan sizes up cybersecurity forecasts.
The Office of the National Coordinator for Health IT's new chief privacy officer, Kathryn Marchesini, has a wealth of experience. But will the Department of Health and Human Services give her the resources she needs to get the job done?
It seems like every vendor in the data security industry makes predictions this time of year. Which ones should you pay attention to? All of them, says Dan Lohrmann, who formerly served as CISO of the state of Michigan.
Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.
A 28-year-old Ohio man has been accused of running a 13-year spying scheme that used malware to steal millions of photos, live images and other data from computers. He is accused of developing and using Fruitfly, a malware application for Apple Macs and Windows.
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
Fixes for the Meltdown and Spectre vulnerabilities are leading to decreased processor performance, triggering cloud service and data center slowdowns. All Windows servers - plus older PCs - as well as Linux servers appear to be experiencing noticeable slowdowns.
FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement. The FBI doesn't want a backdoor, he says, but rather a "responsible" solution to allow lawful access.
While a draft "trusted exchange framework" unveiled last week by federal regulators includes proposed components that could raise the bar for the security of health data exchange, some experts caution that elements included in the final document should not be overly prescriptive.
Patch or perish to protect against Meltdown and Spectre attacks, and prepare to keep patching as Intel, AMD and ARM, as well as makers of devices running Apple, Google and Windows operating systems, including Apple iOS and Android smartphones and tablets, continue to refine their fixes.
Microsoft has paused issuing security updates to some Windows PCs with AMD chipsets after at least one update - meant to add some Meltdown and Spectre mitigations - has left some systems unbootable. Microsoft blamed the problem on AMD failing to properly document its firmware.
One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S. Federal Trade Commission. It's a warning that internet of things security shortcomings - especially involving children's personal data - will have business consequences.
Dave DeWalt, former CEO of McAfee and FireEye, identifies the next generation of cybersecurity threats in the latest edition of the ISMG Security Report. Also featured: an analysis of the recent news of the Meltdown and Spectre microprocessor flaws and the POS malware attack on retailer Forever 21.
It's been nearly one year since Dave DeWalt walked away from FireEye, where he served as CEO. The veteran security leader has a new role and some candid insights on the state of enterprise cybersecurity defenses.
Under what circumstances must a U.S. healthcare provider comply with the European Union's General Data Protection Regulation, which will be enforced beginning in May? In an in-depth interview, regulatory attorney Stephen Wu explains the conditions under which compliance is required.