Security comes to Las Vegas this week in the form of Black Hat USA 2017. Hot sessions range from an analysis of power grid malware and "cyber fear as a service" to details of two major hacker takedowns and how the world's two largest ransomware families cash out their attacks.
Two years after a massive breach that exposed the personal information of some 21.5 million individuals, the U.S. Office of Personnel Management continues to labor in its attempt to guarantee the security of its information systems.
Healthcare organizations that rely too heavily on HIPAA compliance are coming up short when it comes to security, says Jennings Aske, an attorney who's CISO at New York-Presbyterian. A far better approach, he says, is to rely on the NIST cybersecurity framework or other comprehensive frameworks.
Federal regulators are reminding healthcare organizations not to overlook the security risks related to collaborative file sharing tools and other cloud-based services.
In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
Health insurer Anthem has agreed to a proposed $115 million deal to settle a class action lawsuit over a 2015 cyberattack that resulted in data breach affecting nearly 78.9 million individuals. If approved, lawyers say it would be the largest data breach settlement ever.
The back story behind the ransom attack that led to the unauthorized early release of the Netflix series "Orange Is the New Black" is a cautionary tale in dealing with cyber extortionists such as The Dark Overlord.
Hackers can breach air-gapped voting machines and tallying systems in an attempt to alter ballots to sway the outcome of an election, a Senate panel has learned. Also, at the hearing, DHS discloses that Russian hackers targeted 21 state election systems before the 2016 election.
Concerns over Russian hacking of state election systems are mounting. In New York, Gov. Andrew Cuomo has ordered a review of security efforts related to state elections. On Capitol Hill, Sen. Mark Warner wants DHS to release additional details relating to cyberattacks targeting state election systems.
A watchdog agency's estimate that as much as $729 million worth of HITECH Act incentive payments might have been paid to doctors who failed to provide proof that they were meeting requirements for meaningful use of EHRs - including risk assessments - is raising questions about the program's accountability.
Eastern European cybercrime is evolving, and some of the latest trends defy conventional wisdom. Moscow-based cybersecurity company Group-IB offers an analysis of some of these changes.
A watchdog agency's audit of Virginia's Medicaid information systems found security weaknesses that could potentially leave beneficiaries' data vulnerable. Security experts say the audit's recommended improvements are needed at many healthcare organizations.
President Trump's recently signed cybersecurity executive order, which requires federal agencies to use the NIST cybersecurity framework, highlights strategies that some security experts would like all healthcare organizations to follow as well.
When it comes to breach preparation, it isn't just about protecting IT assets. Increasingly, the conversation is about reputational risk management, says Jacob Olcott of BitSight Technologies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.