Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This post's chapter is...
The spyware of sanctioned Israeli firm NSO Group was reportedly detected on the smartphones of high-profile Polish figures associated with the nation's opposition party. And the spyware has also reportedly been tied to the phone of Hanan Elatr, wife of the late journalist Jamal Khashoggi.
Cyber GRX senior director and CyberEdBoard executive member Peter Gregory discusses data everyone has that is an asset, but also a liability - your contact list - and how to decrease your chances of it turning toxic.
The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.
The Biden administration has announced that the U.S. and several allies have aligned to create the Export Controls and Human Rights Initiative, which puts stricter criteria around the export of certain offensive cyber tools, particularly those that end up in the hands of authoritarian regimes.
Federal regulators are warning healthcare sector entities worldwide that an authentication vulnerability in a variety of Hillrom Welch Allyn cardio products, if exploited, could allow attackers access to privileged accounts. Why is the flaw so worrisome for some healthcare IT environments?
As the final weeks of 2021 wrap up, the federal health data breach tally continues to show hacking incidents by far dominating as the top category of breaches being reported. That includes the addition of several major ransomware incidents reported by healthcare entities and vendors in recent weeks.
Ensuring compliance with the data protection framework is one of the big challenges for enterprises in South Africa, says Varsha Sewlal, the executive officer for legal, policy, research and information technology analysis and the deputy information officer with the Information Regulator South Africa. She discusses...
India's Personal Data Protection Bill is "a useful framework that requires organizations to analyze the sensitivity of data that they collect and process and use this analysis to adopt a customized cybersecurity plan," says Keshav Dhakad, general counsel and group head of corporate, external and legal affairs for...
A medical biller in Florida and an emergency medical technician in New York have each pleaded guilty in two separate federal cases involving the criminal misuse of patient information. One case involved healthcare fraud and identity theft, and the other criminal HIPAA violations.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
Spyware from sanctioned Israeli firm NSO Group has reportedly been detected on at least nine iPhones belonging to U.S. State Department officials with "state.gov" email addresses, who are located in Uganda or whose work focuses on Uganda, according to Reuters.
Ransomware continues to dominate headlines with no sign of slowing down. What started more than 30 years ago has become one of the most prevalent and lucrative cyberattacks that does not discriminate by company size, industry or geography.
The Department of Health and Human Services has revealed its taken enforcement actions against five more healthcare providers in cases involving alleged failure to comply with the HIPAA Privacy Rule right of access provision. One includes a rare civil monetary penalty, which was levied against a physician.
An Ohio-based DNA testing company reported to regulators that the information of more than 2.1 million individuals contained in a legacy database was accessed and acquired in a hacking incident detected in August. The archived database contained personal information collected more than a decade ago.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.