DNS is not well understood as a signal and control point in cybersecurity, says Andrew Wertkin of BlueCat Networks, who discusses key steps to change this perception.
What are some of the complexities of the EU's General Data Protection Regulation, which will be enforced beginning May 25? Gerald Beuchelt, CISO at LogMeIn, offers compliance insights in an in-depth interview.
The FDA is proposing to pre-certify vendors of certain medical device software, including various mobile apps, allowing the companies to skip the agency's much more rigorous pre-market approval process for hardware-based medical devices.
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public? Software legend Ray Ozzie says he has an idea. But it's unlikely to quell the debate over hard-to-break encryption.
In this edition of the ISMG Security Report: Privacy watchdogs in the EU begin enforcing GDPR in less than 30 days; are organizations ready? Also, a look at the top 10, real-world online threats facing business and financial software firm Intuit.
Two recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations. What steps should entities take to mitigate those risks?
Insider threats aren't going away, but the introduction of machine learning and AI are proving to be powerful tools in the fight, says Randy Trzeciak of Carnegie Mellon University's CERT.
Plenty has been said about threats to internet of things devices - and rightfully so. But what about operational technology that often has been neglected by security controls? Mark Nunnikhoven of Trend Micro weighs in on OT risks.
Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program. But current program requirements for conducting a security risk analysis would stick.
An attack spoofed internet routing information, resulting in anyone who visited MyEtherWallet.com - a free, open source web app for storing and sending ether-based tokens - instead being routed to an attacker-controlled site, leading to an estimated $320,000 in losses.
Large healthcare companies in the U.S., Europe and Asia are getting hit with a backdoor that comes from a long-observed group, which Symantec calls Orangeworm. The backdoor has been found on X-ray machines and MRIs.
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.