In an in-depth audio interview, Beth Anne Killoran, the new CIO at the Department of Health and Human Services, outlines top cybersecurity priorities, describes how the agency is recruiting new security talent and outlines efforts to bolster the security of Obamacare's HealthCare.gov website and systems.
SecurityScorecard is out with its 2016 Healthcare Industry Cybersecurity Report, and it paints a grim picture about how vulnerable healthcare entities are to socially engineered schemes. CEO Aleksandr Yampolskiy shares insight from the study.
What critical factors make the healthcare sector vulnerable to cyberattacks? In this audio interview, CISO Dave Summitt of the H. Lee Moffitt Cancer Center and Research Institute offers insights.
Chinese manufacturer Xiongmai will recall up to 10,000 webcams in the wake of the IoT-powered DDoS attacks that pummeled DNS provider Dyn. But information security experts say that only a more resilient internet will blunt future attacks.
The proposed guidance from the National Highway Traffic Safety Administration focuses on hardening a vehicle's electronic architecture against cyberattacks and to ensure vehicle systems take appropriate actions even if an attack succeeds.
The hacktivist who allegedly launched distributed denial-of-service attacks in 2014 on Children's Hospital of Boston and another local healthcare facility in protest of a controversial child custody case has been arraigned on federal charges. Indictment documents provide details on the impact of the attacks.
Internet of things security takeaway: Save yourself, and by doing so, maybe help save the rest of us too. That's the obvious takeaway from the rise of low-tech, high-impact Mirai malware, which has been tied to the record-setting Oct. 21 DDoS attack against Dyn.
Apple's security defenses have improved dramatically in recent years, but poorly written drivers in third-party applications could provide key access to critical parts of macOS.
Proposed federal cybersecurity standards for the nation's largest banks would mainly mandate what's been recommended in earlier guidance. So compliance shouldn't be challenging.
Federal regulators are reminding for-profit companies that if they collect and share consumers' health information, they not only need to comply with HIPAA security and privacy regulations, but also the Federal Trade Commission Act. Is their new guidance too narrow?
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
Changes in NIST's upcoming revision of its security and privacy controls guidance acknowledge the view that security and privacy are concerns for all sectors, not just the federal government.
There are two Yahoo conspiracy theories: It was hacked by a "state-sponsored actor," and it disabled email forwarding to prevent a post-breach exodus. Although neither scenario appears to be true, that doesn't mean the badly breached search giant is in the clear.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.