The Internal Revenue Services' internal financial reporting systems and IT infrastructure have 14 new security vulnerabilities, along with a long list of previously unresolved deficiencies, according to a U.S. Government Accountability Office audit.
Enumerating medical devices, identifying where the security risks lie and then implementing a multilayered defense plan to mitigate risks should be top priorities for healthcare organizations, says thought leader John Halamka, M.D., executive director for technology exploration at Beth Israel Lahey Health.
George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
Researchers at the security firm Tenable uncovered a vulnerability in a Siemens software platform used to manage industrial control systems, and Siemens has issued a patch. The same platform was exploited during the Stuxnet attack a decade ago.
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.
Bipartisan healthcare legislation that a Senate health committee passed on Wednesday includes a provision that would incentivize healthcare entities to adopt "strong cybersecurity practices" by encouraging federal regulators to consider organizations' security efforts when making HIPAA enforcement decisions.
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
ISMG's Healthcare Security Summit, to be held in New York on June 25, will feature a top-notch roster of expert speakers, including regulatory and law enforcement authorities, CISOs from leading healthcare provider organizations and technology thought leaders.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
Organizations across all sectors are experiencing the cybersecurity skills gap however, it's not just a skill deficit - it's a capacity gap that is widening, driven mainly by the fact that our networks are becoming more complex.They're more distributed, mobile- and cloud-enabled; therefore, it's becoming more of a...
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
Organizations across all sectors feel the cybersecurity skills gap. But Austin Murphy of CrowdStrike says it's not just skills - it's a capacity gap. He shares insight on how organizations can help bridge these divides.
On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.