Security control validation (SCV) is the foremost use case of Breach and Attack Simulation to help organizations answer the essential security questions needed to become threat-centric:
Test and measure the performance of security controls individually
and collectively
Obtain actionable insight to maximize...
Federal authorities are warning the healthcare and public health sectors of aggressive, financially motivated attacks by the Hive ransomware group, which has been linked to a number of attacks on healthcare sector entities. Some security experts are urging such entities to fortify their defenses.
Digital transformation across the financial services industry has accelerated public cloud adoption. As workloads leave the confines of their private data centers, financial institutions (FIs) are now faced with sub-optimal access to the applications and data hosted in the cloud, where security often takes the...
The latest edition of the ISMG Security Report analyzes the latest cyberthreats to the energy sector as Russia's invasion of Ukraine continues. It also examines best practices for Customer Identity and Access Management and how healthcare institutions can sharpen their defense strategies.
In our latest report, we detail seven primary cyber threats that organizations across the financial services sector will face in 2022. Some of them, such as ransomware, are not new but nevertheless remain a serious threat. Others, such as decentralized finance (DeFi) and cryptocurrencies, are newer, so to speak, and...
In order to keep pace with the card fraud threat landscape, financial institution CISOs must continually refresh their awareness and understanding of card fraud tactics, techniques, and procedures (TTPs). Even for the novice cybercriminal, there are few barriers to entry and near-infinite resources in illicit forums...
A high-ranking U.S. government official has been convicted of stealing the personal information of thousands of federal workers as well as government software. Murali Y. Venkata, 56, was acting branch chief at the DHS's Information Technology Division in the Office of the Inspector General.
Federal authorities are warning the healthcare sector of potential threats involving Lapsus$ - including those related to the group's recent hack of Okta - and also of potential phishing attacks arising out of a recent breach experienced by email marketing services provider Mailchimp.
Five recently reported data breaches involving cyberattacks on a variety of different types of healthcare sector entities have affected a total of more than 1.2 million individuals. Experts say the incidents highlight the intensifying threat landscape in the sector.
When acclaimed bank robber Willie Sutton was captured, a reporter inquired as to why he robbed banks. His simple answer was "because that's where the money is”. With advances in technology, it is plausible to “virtually” rob banks without involving weapons, but rather by a simple computer keystroke.
This...
When it comes to advanced threat response, 42% of financial institutions say their current abilities are average. Only 35% say automation currently plays a strong role. Josh Zelonis of Palo Alto Networks and Sid Srivastava of Accenture analyze the State of Security Automation in Financial Services.
Tools and methodologies that have been helpful for global public health research might also provide better understanding of the root causes of cybercrime and the motivation of cybercriminals, especially as such crime has surged during the COVID-19 pandemic, says Stanley Mierzwa of Kean University.
Recent breach reports filed by a law enforcement benefits health plan, a healthcare staffing firm and a rural medical center are the latest examples of the diverse range of healthcare sector entities being targeted by cyberattackers. What do experts recommend?
Regulators have slapped four small covered entities with HIPAA enforcement actions, including three settlements and one civil monetary penalty. The most egregious case involves an Alabama dentist who disclosed patient information for use in his unsuccessful campaign for state Senate.
Healthcare and Life Sciences organizations know that while IoT devices are necessary for the modern healthcare environment, they can pose real security risks if proper protections are not put into place. From dealing with devices running outdated software to diagnosing networks gone haywire, we’ll talk through some...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.