Merger and acquisition activity picked up in September with BitSight, Tenable and Mastercard, all making deals. Moody's became BitSight's largest shareholder after making a $250 million investment in the company.
Key challenges from the recent State of Cybersecurity 2021 report include "integrating risk with maturity and keeping up with industry trends," says Jenai Marinkovic, member of the ISACA Emerging Trends Working Group.
Despite security improvements over the last seven years, the U.S. Agency for International Development, or USAID, needs to better protect the large amounts of personal identifiable data - such as Social Security numbers - that the agency collects, according to an inspector general's audit.
Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.
T-Mobile USA says its massive data breach is worse than it first reported: The count of prepaid and postpaid customers whose information was stolen has risen to 14 million. Also revised upward: its count of 40 million exposed credit applications from former customers and prospects.
During the COVID-19 pandemic, many healthcare sector entities - faced with so many new demands and added pressures - have shifted their attention and resources away from some of the most critical cybersecurity activities, says former healthcare CIO David Finn of consultancy CynergisTek.
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
Mark Ballister, CISO of the University of Rochester Medical Center and Jon Moore, chief risk officer of consulting firm Clearwater, discuss how the medical center's security risk management program has evolved since carrying out a HIPAA corrective action plan after two data breaches.
While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
The answer to the increasing volume of challenges is not to just add another tool into the mix, it's to add the tools the organization is already using into an integrated cohesive mix.
The Office of Management and Budget is ordering federal agencies to begin identifying "critical software" that needs protection as part of the effort to fulfill President Biden's cybersecurity executive order. Executive branch agencies then will have a year to implement security measures.
Even though the healthcare sector is clearly a major target for disruptive cyberattacks, many organizations have yet to take the necessary steps to prevent intrusions or respond to incidents, says Amit Trivedi, a director at the Healthcare Information and Management Systems Society.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
The Department of Health and Human Services is seeking comments on how it can improve its security risk assessment tool, which is designed to help smaller organizations conduct assessments as required under HIPAA. Some critics have said the tool is too difficult to use.
What's up with REvil? Questions have been mounting since the notorious ransomware operation went quiet on July 13, not long after unleashing a mega-attack via remote management software vendor Kaseya's software. The Biden administration has welcomed REvil's online shutdown but says it doesn't know the cause.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
