In the latest weekly update, four ISMG editors share highlights of ISMG's upcoming Engage Toronto event and discuss how the U.S. Supreme Court may undercut the identity theft statute and how - despite tough economic times - vendor Wiz boosted its valuation by $4 billion in 16 months.
Cybersecurity will take its place alongside chemical contaminant removal as an element the U.S. Environmental Protection Agency says public water systems must mitigate. "Cyberattacks that are targeting water systems are real and a significant threat," said an EPA official.
A new federal strategy to make commercial manufacturers liable for insecure software requires an attainable safe harbor policy and could be a disincentive for software manufacturers in sharing important vulnerability information with the U.S. government, according to industry observers.
Retired Air Force Gen. Gregory Touhill, the very first U.S. federal CISO back in the Obama administration, says he's encouraged by the new U.S. National Cybersecurity Strategy. His top takeaway: the shift of cybersecurity responsibility from consumers to manufacturers of vulnerable products.
Online counseling provider BetterHelp is set to come under two decades of privacy monitoring by the U.S. Federal Trade Commission after settling allegations that it violated users' privacy by sharing identifying information with social media platforms including Facebook.
Tom Kellermann has never tempered his criticism of U.S. cybersecurity policies. But he is openly enthusiastic about the National Cybersecurity Strategy unveiled March 2. "I was blown away," Kellermann says about the Biden administration's new five-pillar policy. "Seriously, this is a true strategy."
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.
With application GRC more critical than ever in today's dynamic, dispersed environment, what are the critical capabilities needed in a solution? Keri Bowman of Saviynt offers six recommendations, including risk reporting and out-of-the-box rule sets and compliance management.
In a video interview with Information...
A case before the U.S. Supreme Court may limit federal prosecutors' ability to bring charges of aggravated identity theft. A Texas man convicted of overbilling Medicaid argued Monday he's not also guilty of identity theft since he had a patient's permission to submit the bill.
The Australian government says it will centralize its approach to securing federal agencies by appointing a coordinator to head the new National Office for Cyber Security within the Department of Home Affairs. The appointment comes after back-to-back major data breaches.
With the U.S. COVID-19 public health emergency expected to end in May, the government is set to scrutinize telehealth providers for HIPAA violations. That’s why healthcare firms should review their telehealth platforms and vendors, says privacy attorney Adam Greene of Davis Wright Tremaine.
A top U.S. government official urged industry to become more conscientious over cybersecurity by preventing vulnerabilities from accumulating before products ship. CISA head Jen Easterly called for a more assertive role for government and an industrywide shift to memory-safe programming languages.
Automaker Tesla revised settings for its in-built cameras after a probe by the Dutch data privacy agency found its default settings enabled illegal recording and retention of data. "Teslas parked on the street were often filming everyone who came near the vehicle," DPA board member Katja Mur said.
The European Commission is preparing a proposal mandating more cooperation among national government agencies charged with enforcing the General Data Protection Regulation. Nationally driven enforcement of the regulation has emerged as a sore point for some during the GDPR's first half decade.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.