Scuffles between anti-virus software vendors have stepped up a notch, with startups and industry stalwarts slinging mud at each other. Cylance now says it plans to make its product available for tests used to benchmark security software.
New federal guidance that describes processes in the current round of HIPAA compliance audits - which could lay the foundation for future rounds of audits - illustrates the massive amount of documentation demanded for these "desk audits."
CISOs face the continuing challenge of how to clearly communicate information security risk to the board and senior management. But now they can take advantage of a free metrics framework designed to help evaluate an organization's cybersecurity readiness. Phil Cracknell of ClubCISO describes the effort.
The new "No More Ransom" portal is designed to emphasize that police and security firms are doing whatever they can to disrupt ransomware gangs, as well as to help more victims get their data back for free, says Intel Security's Raj Samani.
The Global Cyber Alliance is taking on small projects to come up with solutions to big cyber risk problems. "It's essentially using a startup approach to a much bigger problem," CEO Phil Reitinger, who will keynote the upcoming ISMG New York Fraud and Breach Summit, says in this interview.
CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.
SentinelOne is taking a marketing gamble by offering to reimburse customers who suffer a ransomware infection if the security firm can't remediate affected systems. But let's take a close look at what's actually on offer.
CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.
A Congressional proposal that would allow HHS to offer technical assistance to private-sector efforts aimed at solving the problem of matching the right records to the right patient could pave the way for a significant breakthrough, says Lynne Thomas Gordon, CEO of AHIMA, which represents records professionals.
Security firm ThreatConnect says Guccifer 2.0, who claims to be the lone hacker of the Democratic National Committee, may have close ties to Russia. But after reviewing related technical evidence, not all security experts agree.
The Petya ransomware gang says it released 3,500 crypto keys that it stole - along with source code - from rival Chimera ransomware developers. If the keys are legitimate, security firms say they can build decryption tools for Chimera victims.
A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
Fallout from the leaked Democratic National Committee emails continues, with a new finding that suggests cyberattackers compromised a staffer's personal email account. The FBI also has confirmed its ongoing investigation into the breach.
Implementing a successful cybersecurity strategy in light of advanced threats calls for operationalizing three key principles: visibility, identity and risk, says Zulfikar Ramzan, chief technology officer at RSA.