Federal regulators are urging healthcare sector organizations to reassess whether their authentication methods need strengthening to help prevent breaches. But does their advice go far enough in advocating multifactor authentication?
U.K. Chancellor Philip Hammond used the launch of Britain's new five-year National Cyber Security Strategy to trumpet the country's strike-back capabilities. But other parts of the strategy - including more automated defenses - hold much greater promise.
In recent weeks, many more hacker attacks - including some ransomware assaults - on healthcare entities large and small have been added to the federal tally of major breaches, continuing a trend that started in 2015.
I'm looking forward to this week in London, where Jason Tunn of the Metropolitan Police Service will walk us through a high-profile cybercrime investigation that resulted in the 2015 arrest of two British hackers with links to Russia after they attacked leading U.K. banks with the Dridex banking Trojan.
In an interview, experts from one of the FFIEC's five regulatory agencies explain why the council released a "frequently asked questions" guide to its Cybersecurity Assessment Tool and how they hope banking institutions will put the FAQ to use.
In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
A federal watchdog agency's reviews of Minnesota's state-operated Obamacare health insurance exchange and Colorado's Medicaid eligibility and claims processing systems reveal a variety of security weaknesses that are also common among healthcare providers.
Verizon is reportedly awaiting the full results of a digital forensic investigation into the record-setting Yahoo data breach to ascertain whether it will revise its $4.8 billion bid to buy the search firm. Did the breach have a "material impact" on Yahoo's business? That's the question.
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
Bad news: A developer has released the source code for Mirai malware, which is designed to automatically find and hack internet of things devices, turning them into DDoS cannons. The malware has been tied to recent record-smashing DDoS attacks.