Latest editorial and guest blogs on information risk management

The Virtual CISO with Steve King

Insights from a veteran cybersecurity pro

An Attacker's IoT Paradise: Billions of Insecure Devices

Steve King • July 30, 2020

The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.

How Deception Technologies Enable Proactive Cyberdefense

Why Penetration Tests Are So Essential

Euro Security Watch with Mathew J. Schwartz

Tracking security and privacy trends across UK, Europe and beyond

Elite Russian Sandworm Hackers' Epic OPSEC Problem

Mathew J. Schwartz • October 22, 2020

An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?

Ransomware: Would Banning Ransom Payments Mitigate Threat?

Criminals Still Going Crazy for Cryptocurrency

Safe & Sound with Marianne Kolbasuk McGee

Insights on the security and privacy of healthcare information.

Virtual Summit Dives Into Healthcare Cybersecurity Issues

Marianne Kolbasuk McGee • June 5, 2020

How have the cybersecurity challenges facing healthcare organizations changed during the COVID-19 pandemic? And how are organizations responding? Information Security Media Group's Healthcare Cybersecurity Virtual Summit, to be held on June 9 and replayed June 10 and 11, will provide insights.

Health Data Breaches: 3 Lessons Learned

HIPAA Enforcement: A Look Ahead

The Expert's View with Jeremy Kirk

Insights from industry experts

Home Loan Trading Platform Exposes Mortgage Documentation

Jeremy Kirk • October 21, 2020

MAXEX, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.