A San Diego public hospital is diverting ambulances and patients to other facilities as it is dealing with a cyberattack this week. The medical center is the latest on a growing list of regional hospitals forced to suddenly shift patients to neighboring entities due to a cybersecurity crisis.
The U.S. Cybersecurity and Infrastructure Security Agency published guidance that offers best practices in developing consumption processes for software bills of materials, but experts told ISMG the document lacks technical specifics and warned that most organizations face SBOM resourcing issues.
In the latest weekly update, editors at Information Security Media Group discuss the shaping of responsible artificial intelligence governance, major takeaways from the U.K. AI Summit, and an overview of the main themes and insights from ISMG's recent Mumbai Summit.
European Union lawmakers and trading bloc governments reached a provisional agreement on a revised identity framework intended to digitize access to key public services for the majority of Europeans by the start of the next decade. The update is not universally welcomed by cybersecurity experts.
A shared IT services provider and its five Ontario member hospitals say their recovery from a Daixin Team ransomware attack in October could last into December as the group rebuilds its IT network. Meanwhile, the outage will continue to disrupt patient services, including diagnostics and treatments.
The battle against synthetic identity fraud has reached a critical point, as credit repair companies now play a major role in exacerbating this pervasive form of fraud. Synthetic identity fraud now comprises 85% of all identity fraud cases, with up to $20 billion in annual losses.
The EU-US Data Privacy Framework (DPF) was introduced by the European Commission to ensure the protection of Europeans’ data when transferring to eligible companies in the US.
Download this comprehensive guide to learn more about:
Lawful data transfer mechanisms, including standard contractual clauses and transfer...
Data protection and privacy frameworks adopted around the globe are generally established around some shared core principles. These principles are what guide organizations when processing personal data and underline many of the requirements found in modern privacy law.
Download this eBook to take a closer look at...
Conceptually, PIAs and DPIAs are the same, but there are notable distinctions between the two.
Download this comprehensive eBook to learn how to:
Understand the requirements and terminology;
Build the PIA and PTA questionnaires;
Embed the PIA within the organization
Deputy Attorney General Lisa Monaco announced Wednesday that the Justice Department will appoint a new board to advise top officials on the "ethical, lawful use of AI" following a White House executive order that sets new standards for the use of the emerging technology across federal agencies.
Heads of major European tech companies are calling on trading bloc lawmakers to revise a proposed cybersecurity law, which they argue will create bottlenecks that disrupt the supply chain. "We risk creating a COVID-style blockage in European supply chains," the company heads say.
The American Hospital Association, along with three other organizations, has filed a federal lawsuit seeking to have the U.S. Department of Health and Human Services withdraw guidance issued last year warning that the use of online trackers by hospitals potentially violates HIPAA.
Yes, you can simplify SOC 2. As security pros know, SOC 2 went from a distant nice-to-have to an absolutely-must-have-yesterday in the space of a single RFP or new business opportunity.
That’s why we created this quick-start guide—to help you cut through the clutter and focus on what you really need to know. It...
For over a decade, the HIPAA Security Rule has required covered entities and business associates to engage in risk analysis and management. But due to the recent surges in data breaches within the healthcare sector, it's time to embrace an information asset-based approach to risk analysis.
SEC regulators have filed charges against software company SolarWinds and its CISO Tim Brown - accusing them of misleading investors about the firm's cybersecurity practices in light of a high-profile hack. Canon security leader Quentyn Taylor examined implications for other CISOs.