An employee of the NSA's Tailored Access Operations group has pleaded guilty to mishandling classified information. The material ended up in the hands of Russia after he copied it to his home computer, which had Kaspersky Lab's anti-virus software installed.
More organizations are making a much-needed shift from using Security Operations Centers to support operations to using them as a strategic tool to help detect attacks and quickly set up response mechanisms, says Sameer Ratolikar, CISO at HDFC Bank.
Federal regulators are reminding healthcare entities and business associates of the serious security and privacy risks that terminated employees can pose and offering advice for mitigating those risks.
Next year, the Singapore parliament will consider a cybersecurity bill that was revised after government officials reviewed numerous public comments on a draft version. The purpose of the bill is to establish a framework for the oversight and maintenance of cybersecurity in the government and the private sector.
Medical devices are increasingly used by cybercriminals to compromise networks, systems and patient data, says Dr. Jack Lewin of the consultancy Lewin and Associates, who's also chairman of the National Coalition on Health Care. That's why physicians should be advocates for better device security.
The lack of skilled personnel is hampering incident response, but automation can help, says Mike Fowler of DFLabs. Providing responders with "playbooks" for step-by-step incident response processes, for example, is essential, he contends.
The healthcare sector's cybersecurity efforts needs to shift from a focus on protecting patient information confidentiality to protecting patient safety, says Joshua Corman, co-founder I Am The Cavalry, a grassroots, not-for-profit cyber safety organization.
Canadian citizen Karim Baratov has pleaded guilty to targeting more than 11,000 webmail accountholders to steal their passwords, including targeting 80 Gmail accounts at the request of an alleged Russian intelligence agent tied to a 2014 hack attack against Yahoo that exposed 500 million accounts.
From GDPR to the NIST Cybersecurity Framework, vendor risk management is a key component of every new piece of cybersecurity guidance. Yet, security leaders still struggle to inventory and assess their strategic partners. Sam Kassoumeh of SecurityScorecard explores the challenges.
Looking for a way to benchmark your cybersecurity organization against those of your peers? Intel Health and Life Sciences and its partners offer a Healthcare Security Readiness program that provides a benchmarking opportunity, David Houlding explains.
As data protection breaches have become daily headline news and everyone becomes increasingly sensitive about privacy, the regulatory regime is getting tougher. Data protection laws in Europe are more important than ever before - especially as the enforcement deadline of the EU GDPR looms.
RBI's recent move to mandate that all banks must use Aadhaar as the primary form of authentication for anyone accessing their bank account is stirring a debate about the long-term role of the authentication mechanism and associated data security issues.
As a security researcher at Cisco, Brad Antoniewicz has the opportunity to watch cybersecurity threats emerge and evolve. Among the latest: a shift in phishing campaigns to target cryptocurrencies. Antoniewicz explains the shift and how organizations can respond.