Operational technology (OT) cybersecurity stakeholders and ICS asset owners may have blind spots within their operation that a completely passive ICS cybersecurity solution cannot solve. Incomplete asset information and device visibility resulting from dormant and legacy ICS devices can leave networks exposed to...
Hacking incidents involving email appear to be the most common type of major health data breach being reported to federal regulators so far in 2020. But the largest breach added to the tally involved a type of incident rarely seen in recent years: the theft of an unencrypted laptop.
Globally, the coronavirus has infected more than 75,000 people and led to over 2,000 deaths. But business travelers should avoid panic, says pandemic expert Regina Phelps, who offers preventive health tips for those headed to international events, such as the RSA 2020 conference.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
The U.S. Senate Intelligence Committee released its third report on Russian interference during the 2016 presidential election, finding that the Obama administration struggled to respond and more needs to be done to avoid disruption this year.
A Texas orthopedic practice says a recent malware attack "permanently damaged" thousands of electronic patient records. It's the latest in a string of healthcare incidents in which various forms of malware rendered records inaccessible.
If Iowa's experiment with a new tabulation app during the Democratic caucuses is the warmup for the 2020 presidential election process, then we're in for a bumpy ride. But what happened there isn't a technology problem. It's a human problem rooted in a failure to properly evaluate risk.
The National Institute of Standards and Technology has unveiled a pair of draft practice guidelines that offer updated advice and best practices on how to protect the confidentiality, integrity and availability of data in light of increasing threats from ransomware and other large-scale cyber events.
Iowa prosecutors have dropped all charges against two penetration testers who were contracted to test the electronic and physical security of three judicial facilities, only to be arrested for trespassing. The case highlights how a lack of communication before penetration tests can have serious consequences.
For the second consecutive year, ServiceNow is a Magic Quadrant Leader. And a driving force in defining the Integrated Risk Management market.
We feel the Gartner 2019 Magic Quadrant for Integrated Risk Management is an invaluable aide for those seeking an unbiased, third-party evaluation of vendors as digital...
U.K. officials reportedly are considering a proposal to allow China's Huawei to play a limited role in providing certain equipment for the country's 5G rollout, which would defy calls from the U.S. for a complete ban of telecom gear from the company.
Federal regulators are warning healthcare providers about six vulnerabilities in some of GE Healthcare's medical device systems that could allow attackers to remotely take control of the gear. The company is working on patches.
Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time re-mediating vulnerabilities that pose little to no risk.
With risk-based vulnerability management, you'll know exactly which...
How much do you know about the supply chain that takes a vulnerability and turns it into an exploit?
In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization. Read the...
Written by SANS experts, Practical Industrial Control System Cybersecurity: IT and OT Have Converged explores key issues arising when IT and OT are combined into cyber-physical systems, where risks must be continually identified and managed.
Download the whitepaper to learn how to answer these key questions: