The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Senator Mark Warner, D-Va., has sent letters to four federal agencies and 12 healthcare associations posing long lists of questions as a prelude to developing short-term and long-term strategies for improving healthcare cybersecurity.
Cybersecurity FutureWatch is an in-depth analysis of cyber trends and forecasts. This data-driven report illustrates critical industry developments that will inform a company's cybersecurity planning as technology advances.
In a case of business email compromise, Chinese hackers stole $18.6 million from the Indian arm of Tecnimont SpA, an Italian engineering company, through an elaborate cyber fraud scheme that included impersonating the firm's chief executive.
A variety of security weaknesses contributed to a massive 2017 health data security breach in Singapore, according to a new report. What can healthcare organizations around the world learn from the report's security recommendations?
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
As attackers increasingly take advantage of users' risky behavior, enterprise security leaders are taking steps to improve end-user security education. Gretel Egan of Wombat Security outlines how to focus on education strategies that are truly effective.
Over the last five years, cybercrime occurrences have escalated dramatically, taking hold of organizations
worldwide - affecting revenue, productivity, information security, and reputation. In 2017 Cost of
Cybercrime Study, the Ponemon Institute emphasizes that, on average, organizations have paid
$11.7 million USD...
Those of you who are CISOs and have been conducting awareness programs for years realize that ''the devil is in the details" when building a successful program. Initial attempts to get an awareness program started are usually done by trial and error- but this hit-and-miss approach is often ineffective or frustrating....
About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 6.1 million.
Augusta University Health in Georgia says it just recently concluded that a phishing attack that occurred - and was detected - 10 months ago resulted in a breach potentially exposing information on 417,000 individuals. Security experts are questioning why the breach determination took so long.
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.