The Medical Device Innovation, Safety and Security consortium is hoping its new network of labs operated by healthcare entities across the globe for the standardized cyber testing of medical devices will help to greatly reduce risks, say MDISS leader Dale Nordenberg, M.D., and Benjamin Esslinger of Eskenazi Health.,...
Office of Personnel Management Chief Information Officer David DeVries says negative aspects of a Government Accountability Office report on steps OPM is taking to secure its IT paint an incomplete and not fully accurate picture of the agency's cybersecurity posture.
Security expert Troy Hunt has released a massive data set of compromised passwords that's intended to help web services steer users away from picking those that have already been exposed in data breaches.
Some experts say a federal appeals court's overturning of a lower court's decision to dismiss a class action lawsuit filed against health insurer CareFirst in the wake of a cyberattack could be precedent-setting.
As financial organizations deploy artificial intelligence and machine learning in the fight against money-laundering fraud, David Stewart of SAS offer tips to help separate fact from market hype when reviewing new data analytics tools.
Britain's home secretary claims that "real people" don't really want unbreakable, end-to-end encryption - they just like cool features. Accordingly, she asks, why can't we just compromise and add backdoors, thus breaking crypto for everyone?
Vendors that provide the U.S. government with internet-connected devices would need to ensure they can be patched, don't include hard-coded passwords that can't be changed and are free of known security vulnerabilities, according to a new, bipartisan Senate bill.
Hackers have struck Hollywood again, claiming HBO as their latest victim. So far, some unaired programming has been leaked online, as have details relating to a forthcoming "Game of Thrones" episode - but no actual episodes.
An Atlanta-based neurological practice is the latest healthcare organization to recover from a ransomware attack, only to discover it was the victim of a significant earlier hacking incident. What are the lessons to learn?
Penetration tests can reveal holes in an organization's security. But framing the scope of a penetration test can be challenging, and good results don't necessarily mean 100 percent security. says attorney Kay Lam-MacLeod.
Nuance has issued an unusual public letter to customers explaining why the medical transcription services vendor has decided not to report the NotPetya malware attack on the company to federal regulators as HIPAA breach. How did Nuance make its determination?
When it comes to risk, attorney Mark Doepel sees what he describes as "high cyber awareness, but low cyber literacy" among senior business leaders. But as nations adopt new breach legislation, boards and C-suites need to develop a deeper, granular understanding of risk - and fast.
A hacker attack on a women's healthcare clinic that impacted 300,000 patients ranks as the second largest ransomware-related health data breach reported to federal regulators. Why did it take months before the clinic detected the malware?