Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.
Over 5,000 major health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Experts explain why it's such a dangerous game.
Broadcom's acquisition of VMware faces challenges from European regulatory authorities over potential competitive advantages. The $61 billion deal announced in May still needs clearance from the EU and also faces scrutiny by U.K. authorities before it can be finalized.
A top Georgia cybersecurity official urges industry leaders to shift conversations with customers from fear, uncertainty and doubt - or FUD - to awareness, preparedness and resilience. Stanton Gatewood says security officials should discuss user awareness and situational awareness with customers.
User education is vital to boosting the detection rate of phishing emails or social engineering scams that could lead to data breaches or ransomware infestations. Technology alone can't make websites or email inboxes safe since both are business-critical for all users, says ID Agent's Amelia Paro.
The shift to remote work introduced new security risks for Piedmont Healthcare since workers could no longer rely on the firm to protect their information. Employees need to understand the security issues associated with connecting to the network using personal devices, says CISO Monique Hart.
Third-party risk management; environmental, social and governance risk; risk quantification: They are all critical topics as we approach 2023. Richard Marcus of AuditBoard explains the significance of these areas and how security leaders should approach them strategically.
Complexity is the enemy of security, and information technology grows ever more complex. Have we created a problem space in computing so complicated that we will be unable to safely operate in it for its intended purposes? Fred Cohen says that's unlikely. He discusses managing risk in the future.
Ninety-four percent of recent survey respondents are concerned that TLS 1.3 will break their existing security controls. With the ever-expanding amount of encrypted network traffic mandated, it’s important to understand how to balance user and customer privacy with security controls. Join experts from Cisco Security...
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
As businesses grow, a key challenge for CISOs is to scale security and at the same time keep it simple, says Jagdish Mahapatra, vice president, Asia, at CrowdStrike. Mahapatra shares the three tenets of cybersecurity for CISOs and how to mitigate the impact of cloud migration on security.
This edition of the ISMG Security Report discusses how Australian health insurer Medibank is facing stark consequences for not paying a ransom to a group of cyber extortionists, how to limit unnecessary cybersecurity exposure during M&A, and how to manage challenges in hybrid environments.
A French-speaking gang codenamed "Opera1er" has been tied to the theft of at least $11 million from dozens of victims - mainly banks in Africa - and remains "active and dangerous," cybersecurity researchers warn, as they release indicators of compromise to help potential victims protect themselves.
The latest edition of the ISMG Security Report discusses how Australian health insurer Medibank is deliberating on whether to pay a ransom to extortionists, analyzes the growing number of layoffs in the security vendor space, and shares a tribute to threat intelligence researcher Vitali Kremez.
All employees should consider upholding the security of the organization part of their job regardless of their official role at the company, says Equifax Business Information Security Officer Michael Owens. But creating an organization-wide cybersecurity culture is easier said than done.