CISOs should ask tough questions of vendors that claim to offer machine learning and artificial intelligence capabilities so they can cut through the marketing hype to find out what's real, says Sam Curry of Cybereason.
Blockchain is one of 2018's top buzzwords, but - cryptocurrency usage aside - the technology's practical applications are more hype than reality, says Gartner's Avivah Litan. But that doesn't mean blockchain lacks promise.
CISOs must make sure the board of directors is well-informed about security issues before they make decisions on setting priorities, says Stephen Katz, the world's first CISO.
The EU's General Data Protection Regulation, which has tough breach notification requirements, is spurring global interest in technologies to help prevent insider breaches, says Tony Pepper of Egress Software Technologies.
Identifying the right controls to manage specific risks is a vital component of an enterprisewide security program, says Gregory Wilshusen of the U.S. Government Accountability Office.
Managed detection and response enables organizations to use telemetry to better detect when compromises occur and then take action, says J. Paul Haynes of eSentire.
Business email compromise attacks continue to be lucrative for the criminally inclined. With the FBI reporting that reports of such attacks have recently doubled, researchers find that tricking victims into making fraudulent wire transfers remains attackers' top goal.
In the past six months, more than 7,000 sites that run Magento e-commerce software have been infected with malicious JavaScript designed to harvest customers' payment card details as they finalize their orders, a security researcher warns.
Hear from the FBI on the tenets of cyber defense and current trends in cybercrime. Then, learn from Shape Security about a specific type of cybercrime: imitation attacks.
A new council of healthcare CISOs hopes to work together toward improving uniformity and efficiency in the way organizations review the security controls and practices of third-party vendors that handle sensitive patient data.
Police in Shanghai are investigating the apparent loss of 130 million customers' personal details from Huazhu Hotels Group. The data exposure may trace to the Chinese hotel group's developers accidentally uploading to GitHub access credentials for a production database.
Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. But the company is enforcing password complexity rules that experts advise against.
Federal regulators are being asked to relax anti-kickback rules so that resource-strapped healthcare providers can accept certain donations or subsidies of cybersecurity products and services.
Microsoft appears set to patch a zero-day local privilege escalation vulnerability after a researcher published proof-of-concept exploit code for the flaw. That's a relatively rare turn of events these days, owing to Microsoft's bug bounty program rules.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
