Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
A second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as-a-service group BlackCat claims to have stolen in February. Is this the latest ruse in a messy attack?
The U.S. Environmental Protection Agency is investigating claims that a notorious government hacker leaked a trove of contact information from the agency's database of critical infrastructure contractors. A spokesperson said the agency conducted a "preliminary analysis" of the allegedly leaked data.
As recovery from its Feb. 21 cyberattack continues, Change Healthcare and its parent company UnitedHealth Group are facing a growing pile of lawsuits, while health sector entities affected by the IT services disruption are dealing with a mounting stack of bills and other paperwork to catch up on.
A Filipino hacktivist group broke into servers owned and operated by the government's Department of Science and Technology and stole up to 25 terabytes of confidential data and backups. The hacking incident followed a series of successful cyberattacks against government agencies.
As Web 3.0 gains momentum, it poses major risks - economic uncertainties, cyberthreats and communication challenges, said RAID Square CEO Sébastien Martin. "There is a lot of regulation, and if you're not respecting the regulation, there is a lot of risk in terms of reputation," he said.
Besides not doing cyberthreat modeling at all, some the biggest mistakes medical device manufacturers can make are starting the modeling process too late in the development phase or using it simply as a "paper weight exercise," said threat modeling expert Adam Shostack of Shostack & Associates.
The European Data Protection Board guides the harmonization of regulations across 27 EU member states. EDPB Chair Anu Talus sheds light on the board's mission and the transformative impact of the General Data Protection Regulation since its inception in 2018.
The evolution of cloud computing in the financial sector has introduced complex security challenges that require innovative solutions. Samrat Bhatt of MatchMove Pay, who recently won ISMG's DCISO Award for technology innovation, shared his organization's journey to better cloud security.
What do a California cancer research center; an Indiana ear, nose and throat practice; an Oklahoma ambulance company; and a New York billing firm all have in common? They're among the latest firms to report data exfiltration breaches, which have affected millions of U.S. patients so far this year.
Federal regulators are continuing their crusade for healthcare firms to provide patients and their representatives with timely access to medical records when requested. HHS OCR recently hit two nursing home operators with fines in separate incidents involving HIPAA "right of access" disputes.
A Department of Health and Human Services division that administers funding, training and other services to children and families is putting sensitive data at high risk because of gaps in cloud security controls and practices, according to a watchdog agency report.
A federal judge has ruled to certify a "contract class" of more than 1 million CareFirst customers in a class action lawsuit claiming that the health insurer breached its contractual obligations to safeguard their data, which was accessed by hackers in a 2014 cyberattack.
How are U.S. telecommunications firms combating illicit location tracking being used by bad actors at home and abroad against their subscribers? That's the focus of a new call for comment from the Federal Communications Commission, which wants to know whether or not existing defenses are working.
Financial institutions have many risk management frameworks at their disposal but few of them address human behavior risks, which may stem from an employee's information processing or the tools used. Assessments of these risks often lack depth, said Rei Nikolai Magnaye, CISO at Equicom Savings Bank.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
