ISMG Editors: Tough Lessons Learned From Log4j, RansomwareDiscussion Also Addresses Lawsuit Against Health Insurer Excellus
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how too many organizations are still failing to implement basic cybersecurity defenses - such as MFA or locking down remote desktop protocol; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
The editors - Marianne Kolbasuk McGee, executive editor, HealthcareInfoSecurity; Anna Delaney, director, productions; Mathew Schwartz, executive editor, DataBreachToday & Europe; and Tom Field, senior vice president, editorial - discuss:
- Ransomware trends indicating that despite an increased focus by Western governments on tracking, targeting and disrupting ransomware, the volume of new ransomware victims doesn't appear to have declined;
- A proposed settlement in a class action lawsuit filed against health insurer Excellus in the wake of a cyberattack that affected 10.5 million individuals that calls for the company to take a series of measures to improve data security;
- Highlights from an interview with Chris Wysopal of Veracode about what organizations should be doing to improve their in-house security of open-source code.
The ISMG Editors' Panel runs weekly. Don't miss our previous installments, including the Jan. 14 edition discussing whether 2022 will be the year of the SBOM and the Jan. 21 edition discussing whether ransomware will kill cyber insurance.