Federal regulators are sounding an alarm to warn healthcare sector entities of cyberattacks involving a tried-and-true hacking method - credential harvesting, which can be used to compromise patient data, disrupt healthcare operations and enable other crimes.
In the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI copyright infringement fears - highlighting the intricate legal issues shaping big tech and cybersecurity.
The Office of Management and Budget issued the first-ever governmentwide guidance for mitigating risks associated with the federal use of artificial intelligence, including specific actions agencies must complete within a year to help ensure the responsible use of emerging tools and technologies.
Proposed federal sticks and carrots to incentivize the health sector to implement stronger cybersecurity standards are already meeting opposition from some industry groups that say financial help is welcome but payment penalties for perceived laggards likely will do more harm than good.
The 2024 Healthcare Cybersecurity Benchmarking Study — a collaboration between Censinet, KLAS, the American Hospital Association, Health-ISAC, and the Healthcare and Public Health Sector Coordinating Council — provides an overview on the state of healthcare cybersecurity preparedness, maturity, and resiliency. It...
‘Next-generation’ GRC professionals now play a pivotal role in guiding executive decisions, helping the Board understand and set cybersecurity risk tolerance levels, and working with the frontline business to decide which risks should be remediated, mitigated, or even accepted. This business-focused approach...
As ransomware continues to threaten care operations at hospitals and health systems across the country, managing enterprise cyber risk now means managing risks to patient safety. This Solution Brief provides 5 best practices for identifying, managing, and mitigating enterprise cyber risk to help health systems...
Artificial intelligence (AI) has huge potential to transform healthcare for the better, but given AI’s unbridled adoption across the industry in just the past year alone, healthcare organizations must begin to actively manage the risks that AI presents to cybersecurity and patient safety. Based on conversations with...
The European Commission will scrutinize Meta's pivot to a subscription model in response to a string of rulings from data protection boards limiting the social media giant's ability to legally collect user data. Europe announced a slew of investigations into American big-tech companies.
After suffering a data breach, organizations that work closely with regulators and cybersecurity officials will be treated with greater leniency if their case results in penalties and a fine, says new guidance on data protection fines published by the U.K. Information Commissioner's Office.
A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.
A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
In the latest weekly update, four editors discussed ISMG's plans for in-depth and diverse coverage at the 2024 RSA conference, the latest guidance on web trackers from federal regulators and the latest forecasts on quantum computing - and why security teams should care.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
Fraudsters increasingly focus on synthetic entity fraud because forming a corporation requires few verification checks. This lack of rigorous verification by business registrars has led to an explosion in fake companies, said Andrew La Marca at Dun & Bradstreet.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
