What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.
Healthcare organizations can take steps to start mitigating risks while awaiting vendor software patches to address URGENT/11 IPnet vulnerabilities in their medical devices, says researcher Ben Seri of security firm Armis, which identified the flaws.
A dental practice in Texas that responded to patients' Yelp reviews by disclosing patient names and other health information has gotten a bad review from federal regulators: A $10,000 HIPAA monetary settlement and a corrective action plan.
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
A recent rash of ransomware attacks in the U.S. healthcare sector shows the serious disruptions these assaults can pose - including temporarily, or even permanently, stopping patient care.
Medical facilities and hospitals across the state of Victoria in Australia were infected by file-encrypting ransomware on Monday, causing the shutdown of patient booking systems and financial systems. At least one hospital has reverted to using paper-based systems.
The Food and Drug Administration has issued an alert warning healthcare organizations about 11 vulnerabilities dubbed "URGENT/11" involving IPnet, a third-party software component that may introduce risks for certain medical devices and hospital networks.
With all of the tools deployed for endpoint detection and response, enterprises today are often overwhelmed by threat intelligence, says J.J. Thompson of Sophos. To alleviate "analysis paralysis," Sophos has just launched its Managed Threat Response service. Thompson details its offerings.With all of the tools...
"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
U.S. voting machines remain susceptible to tampering, hacking and security vulnerabilities despite warnings from ethical hackers and security researchers in the lead-up to the 2020 U.S. presidential election, according to a recent report by the DEF CON Voting Village
An unspecified malware attack against the IT systems of Rheinmetall's automotive division in Brazil, Mexico and the U.S. is costing the company an estimated $4 million a week, the company says. It's one of several attacks over the last two weeks affecting defense contractors.
A former Army contractor has been sentenced to two years in federal prison after admitting causing more than $1 million in damage by accessing servers and data that belonged to a Pentagon client of his employer, according to the Justice Department.
A security researcher has uncovered what may rank as one of the most significant iOS weaknesses ever discovered: a flaw that enables bypassing the security protections present in most Apple mobile devices. While the vulnerability can't be patched, an attacker would need physical access to exploit it.
What are some of the most important aspects in managing vendor security risk when taking on third parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.