In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
U.S. Presidential candidate Donald Trump's business organization downplayed a finding from a UK-based researcher that the organization uses, in some cases, decade-old email software, posing significant cybersecurity risks.
A recent breach reported by an Arlington, Texas-based pediatric clinic serves as the latest reminder of the substantial risks ransomware poses to patient data. The clinic offers advice to others based on difficulties it experienced in the response to the attack, and security experts also provide insights.
In January, banks and other financial services companies based in New York may have to comply with tough new cybersecurity requirements. But some critics contend that the state's regulatory proposal is far too prescriptive, making it challenging for banking institutions, especially smaller ones, to comply.
IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
A malware-wielding gang has been targeting financial firms' SWIFT software to inject fraudulent money-moving messages since at least January in "discreet campaigns" not tied to the Bangladesh Bank hack, Symantec warns.
The National Health Information Sharing and Analysis Center aims to better engage smaller healthcare organizations in cyber threat information sharing, leveraging funds from two recent federal grants. Denise Anderson, president of NH-ISAC, describes the plans in this in-depth interview.
Fashion accessories retailer Vera Bradley says its payments processing system was compromised by a malware attack. The retailer says card transactions conducted between July 25 and Sept. 23 at some of its 35 locations may have been affected.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
A report on the verbal combat between Hillary Clinton and Donald Trump over whether the Russian government is using hacks to influence the U.S. presidential election leads the latest edition of the ISMG Security Report. Also, an update on Dropbox's new password protection strategy.