The latest edition of the ISMG Security Report analyzes the changes in the ransomware landscape one year after the attack on Colonial Pipeline. It also revisits the Ryuk ransomware attack on a school district in Illinois and examines common culprits hindering effective Zero Trust adoption.
In this episode of "Cybersecurity Unplugged," Tim Danks of Global Risk Perspectives discusses issues around trusting our global supply chain, including the role of Huawei, the steps needed to secure critical infrastructure, and the process for determining a comfortable level of risk management.
A new initiative aims to create a standards-based nationwide patient credential and matching ecosystem to ultimately improve matching patients with their electronic health information, says Scott Stuewe, CEO of DirectTrust, the nonprofit, vendor-neutral organization that is leading the effort.
Many experts advise organizations to pivot from a maturity-based approach to a risk-based approach to cybersecurity. Tia Hopkins, field CTO and chief cyber risk strategist at eSentire, discusses where the maturity-based approach falls short and how a risk-based approach can help organizations.
The latest edition of the ISMG Security Report analyzes what lessons cybersecurity leaders can learn from the Russia-Ukraine war. It also examines the Okta data breach and Lapsus$ attack and describes how tech companies are supporting new developments in the FIDO protocol.
Healthcare sector organizations should prepare to deal with potential hacktivist attacks tied to controversy surrounding the U.S. Supreme Court's leaked draft ruling and eventual final decision involving Roe vs. Wade, says attorney Erik Weinick of the law firm Otterbourg PC.
Rockford Public Schools in Rockford, Illinois, was hit by Ryuk ransomware days after the school year started in September 2019. The attack encrypted more than 6 million files, wrecked applications and locked up servers. But the district kept classes running while mounting a mighty recovery effort.
In this episode of "Cybersecurity Unplugged," David Bruce of Broadcom discusses the competition and noise that marketers face today, why product builders and marketers should communicate about strategy, and how to describe your product in a way that lets customers know why it's important.
This ISMG Security Report analyzes the decline in the number of organizations hit by ransomware who choose to pay a ransom to the attackers. It also examines how to better protect digital identities in the healthcare sector and how security decision-makers can use metrics to achieve better outcomes.
New industry guidance provides a detailed road map to help healthcare sector entities respond to and recover from cyberattacks involving extended IT outages, say Lisa Bisterfeldt and Kirsten Nunez, who are members of the Health Sector Coordinating Council task force that developed the resource.
This ISMG Security Report analyzes the U.S. State Department's reward offer of up to $10 million for information about Russian military hackers implicated in NotPetya. It also examines how ransomware may evolve and the new cybersecurity draft guidance issued by the Food and Drug Administration.
As one of the architects of Israel's offensive Red Team intelligence unit and Incident Response Team, Reuven (Rubi) Aronashvili, CEO of Israeli cybersecurity company CYE, provides a highly informed view of current cyberwarfare in the Russia-Ukraine war, including how it differs from kinetic warfare.
The cost of a data breach is mighty. And for healthcare entities, the cost of a HIPAA violation also can prove costly. Greg Hoffman of Paubox shares five critical steps you might be overlooking to ensure emails remain HIPAA-compliant and tells how to take compliance responsibility out of human hands.
In this episode of "Cybersecurity Unplugged," Prachee Kale - a pioneer of CyberEd.io's Think.Design.Cyber. - discusses the need for systems and design thinking in cybersecurity marketing, how to tell your marketing story, and how systems and design thinking can lead to creative solutions.
The Food and Drug Administration's decision to incorporate "quality systems regulations" into its new draft guidance for premarket medical device cybersecurity is an important development in the scope of the agency's expectations for manufacturers, says Dr. Suzanne Schwartz of the FDA.