An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Nearly two dozen security weaknesses in OpenEMR - open source electronic medical record and practice management software - left patient data vulnerable to cyberattacks before most were patched, according to the London-based security research firm Project Insecurity.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Documents containing information on more than 300,000 patients were recently discovered on the former campus of a Missouri hospital that's being prepared for demolition four years after the hospital moved to new facilities. The incident illustrates the need to track all paper records that contain PHI.
More than a dozen technology and medical organizations are asking HHS why it's taking so long to issue regulations aimed at limiting the blocking of health information sharing. The regs were called for in a law passed in 2016.
A WannaCry outbreak has hit unpatched Windows 7 systems at Taiwan Semiconductor Manufacturing Co., crippling its factories. The world's largest chipmaker, which traced the infection to a new software tool that it failed to scan for malware before installation, says the outbreak could cost it $170 million.
Web application security is much more than an IT problem. It can become a significant business problem if not handled properly. Attacks on web applications can by-pass your security and harm your business by creating unwanted downtime, reducing availability and responsiveness and shattering trust with your customers...
Cyberattacks should be top of mind more than ever before. These attacks have never been limited to an individual endpoint, an individual system, or an individual company. Threat actors can now spread malicious content and execute attacks all over the world, crossing borders and industries, in a matter of seconds....
The chief security officer for the U.S. Democratic Party is recommending that all party officials avoid using mobile devices made by Chinese manufacturers ZTE and Huawei. Bob Lord says that even if devices from those manufacturers are free or low cost, no one wants to be the next "patient zero."
Weapons and attack capabilities that were previously only observed in large-scale nation-state operations are now falling into the hands of the masses. Today's attackers are more sophisticated, and capable of exploiting weaknesses at previously unseen speed and scale.
Download this white paper and learn:
The...
A financial services company with responsibility for protecting sensitive customer data lacked centralized visibility into alerts, had limited expertise to triage, prioritize, and escalate incidents, and spent significant time generating customized financial compliance reports.
After deciding not to build their own...
Even companies in full compliance of industry regulations get exploited. In truth, seeking to become impenetrable is admirable but entirely unrealistic. Now is the time to shift from "check box compliance" to risk-based security defenses that rely on incident response.
Download this brief and learn how to:
Combine...
PCI-DSS mandates all organizations that accept, transmit, process and store cardholder data must continuously monitor and safeguard all sensitive customer information.
Download this brief and learn how to:
Simplify compliance reporting;
Create custom reports to meet your business needs;
Find the right balance...
The FFIEC/NCUA guidance and supervision affects federally supervised financial institutions and their holding companies. However, complying with FFIEC/NCUA guidance can challenge financial institutions that have limited resources.
Download this brief and learn how to:
Simplify FFIEC/NCUA compliance with custom...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
