Healthcare entities need to rehearse breach response playbooks to avoid paying fines to the Department of Health and Human Services for poor incident response after a severe breach. Well-tested security incident response plans ensure the security of patient data, says the HHS Office of Civil Rights.
Health insurer EyeMed Vision Care will pay New York regulators $4.5 million to settle an investigation into its 2020 data breach incident. States are becoming more aggressive in applying enforcement actions against data breaches, say regulatory attorneys.
The evolution of IT infrastructure, cloud-based applications and cloud-based workloads has elevated the importance of incident readiness and response. As organizations continue to make substantial changes to pursue the “next normal,” it’s essential to leverage expertise to help recover quickly from an incident...
An incident response plan and retainer are critical to organizational security, but fewer than 50% of organizations have these procedures and SOPs in place.
ESG’s "An Ounce of Prevention: Investing in Incident Readiness" e-book examines the incident readiness market, reveals how far organizations have come in...
As the cyber landscape continues to grow, being prepared is crucial to minimizing the organizational impact.
While the Forrester report, “The 2021 State of Enterprise Breaches,” found enterprises spend a median of 37 days and a mean of $2.4 million to find and recover from a breach, Forrester also discovered...
Zero trust-targeted attacks, phishing, vishing, smishing and social engineering are on the rise, targeting individuals and human vulnerabilities. What can companies do to stay ahead? Steve Benton of Anomali shares insights on intelligence-empowered detection and response.
Personal data from MyDeal, a marketplace owned by Australia's Woolworths Group grocery chain, has appeared for sale on a data leak forum. It comes as wine retailer Vinomofo disclosed a breach and as the Optus telecommunications breach continues to fuel data security concerns in Australia.
Decentralized finance exchange Mango Markets is set to pay $47 million as a bug bounty to the hacker who stole $117 million in digital assets on Wednesday, after 96% of the governance voted in favor of the deal. Mango Markets is a trading platform riding on the Solana blockchain.
Fast-fashion clothing giant Shein has been fined $1.9 million by the New York state attorney general for multiple failings tied to a massive 2018 data breach, including substandard password security as well as failing to alert users or force password resets in a timely manner.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Lloyd's of London says it has fully restored network services and that an investigation uncovered no evidence of a compromise. The insurance and reinsurance marketplace giant took systems offline last week after detecting what it called "suspicious activity."
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Patient portals, electronic prescriptions and some other IT systems are still affected at an undisclosed number of CommonSpirit Health hospitals and clinics in several states more than one week after a cyber incident hit the multistate hospital chain.
The Google-Mandiant marriage will combine Google's security monitoring tools with Mandiant's threat intel and attack surface management solutions, plus new SOAR and file and URL analyzer capabilities, to create an "end-to-end threat intelligence and cybersecurity operations suite."