Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
ISMG's Healthcare Security Summit, to be held in New York on June 25, will feature a top-notch roster of expert speakers, including regulatory and law enforcement authorities, CISOs from leading healthcare provider organizations and technology thought leaders.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
Organizations across all sectors are experiencing the cybersecurity skills gap however, it's not just a skill deficit - it's a capacity gap that is widening, driven mainly by the fact that our networks are becoming more complex.They're more distributed, mobile- and cloud-enabled; therefore, it's becoming more of a...
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
Organizations across all sectors feel the cybersecurity skills gap. But Austin Murphy of CrowdStrike says it's not just skills - it's a capacity gap. He shares insight on how organizations can help bridge these divides.
On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.
Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion?
Federal regulators have smacked a cloud-based electronics health records vendor with a $100,000 HIPAA settlement in the wake of a 2015 cyberattack that affected millions of individuals. What's the focus of the enforcement action?
Overwhelmed by the number of vulnerabilities your team faces? Uncertain which cyber threats pose the greatest risk to your business? You're not alone. Cybersecurity leaders have been grappling with these challenges for years - and the problem keeps getting worse.
On average, enterprises find 870 vulnerabilities per...
"How secure is your supply chain?" It's a question that can strike terror into the heart of a CISO - even one who's in charge of a mature security organization.
Download this guide on assessing third-party risk and learn how to:
Be realistic about who chooses who you do business with;
Create a questionnaire and...
A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
This Gartner report charts your course to the future of information security with Gartner's "continuous adaptive risk and trust assessment" (CARTA) as your guide.
This reports highlights a need for security and risk management leaders to embrace a strategic approach where security is adaptive, everywhere, all the...
Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.
The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.