The National Security Agency last month issued guidance on advancing zero trust programs through the network and environment pillar, with a key focus on microsegmentation. While the concept of microsegmentation is nothing new, why is the NSA behind it? And when will others follow?
UnitedHealthGroup said for the first time that hackers behind a February ransomware attack against Change Healthcare breached sensitive health information, an admission that triggers a regulatory countdown clock for public disclosures and individual notification.
Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or failing to integrate them into their overall cybersecurity strategy, said Keith Forrester of security firm Optiv, who offers tips to help.
Wiz is in advanced negotiations to buy Lacework for between $150 million and $200 million. The companies recently signed a letter of intent and are now in the midst of a comprehensive due diligence process, after which a decision will be made on whether the acquisition will go through.
Social media giant Meta's attempt to navigate European data protection rules by offering a fee-based opt-out from behavioral advertising came under fire Wednesday by a trading bloc agency that said freedom from personalized marketing should typically be free.
Michigan's largest federally qualified health center, which treats homeless and underserved patients, is notifying more than 184,000 individuals of a December ransomware attack that compromised their data. The incident reflects the many challenges that under-resourced healthcare groups face.
The aftershocks of the Change Healthcare cyberattack are still reverberating through the healthcare sector nearly 60 days into the recovery process. But on Tuesday, members of Congress and industry experts grappled with how to avoid a future replay - minus a key witness: UnitedHealth Group.
OpenSSF launched a new tool Tuesday in partnership with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency to help simplify for federal agencies and private organizations the process of reading and generating software bills of materials.
The FTC has proposed restricting a mental telehealth service firm from sharing consumer data and requiring it to pay a $7 million penalty to settle allegations that the firm used online tracking tools to unlawfully disclose sensitive health information to third-party advertisers without consent.
A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack last year, which affected some health sector clients and nearly 638,000 individuals.
As the Sam Bankman-Fried courtroom saga continues, crypto policy expert Ari Redbord discusses the sentencing's impact of the FTX founder on the ecosystem and regulations, what lies ahead for the industry and approaches to curbing illicit finance threats in the space.
The proposed bipartisan, bicameral American Privacy Rights Act poses a variety of potential implications to the healthcare sector and other groups that handle health-related data - if the legislation gains traction in Congress and actually gets signed into law, legal experts say.
The IT services disruptions resulting from the Change Healthcare cyberattack is continuing to have a "devastating" effect on physician practices, threatening the financial viability of many and posing serious implications to patient care, said the American Medical Association in a new study.
Cybercriminals launched 7.78 million attacks against U.K. businesses and nearly 1 million against charity organizations, according to the latest U.K. government survey report. But fewer than half of those firms reported the incidents to authorities, something researchers say is a concerning trend.
A Wisconsin nonprofit managed care organization is notifying nearly 534,000 individuals that their protected health information was copied and stolen in a recent attack by a "foreign ransomware gang" that also attempted - but failed - to encrypt the group's IT systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.