In an in-depth interview, John Halamka, M.D., the former long-time CIO at Beth Israel Deaconess Medical Center in Boston, discusses his upcoming move to head Mayo Clinic's global digital health initiative in collaboration with Google - and why privacy and security are so critical to those efforts.
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.
Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services.
Creating effective strategies for securing digital India's assets is challenging. For example, the growth of the cashless economy and increase in digital transactions have made consumers' data more vulnerable to cyberattacks, creating a more urgent need to protect digital assets.
This session discusses:
To help security practitioners address their cybersecurity challenges, ISMG is hosting a Cybersecurity Summit on Nov. 21 in Mumbai, best practices in tackling cybersecurity issues. Among the speakers: Loknatha Behera, Kerala's state police chief, and former Supreme Court Justice B. N. Srikrishna.
As the level of cyber-risk faced by organizations of all shapes and sizes grows every year, security ratings services have emerged as important tools to help companies assess the level of risk imposed by their vendors as well as quantify their own security performance.
However, as the market matures and new...
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.
Deception technologies can play a critical role in mitigating cyber risks, says Devender Kumar, CISO at TMF Group, who also other sizes up other key technology investments and reviews challenges CISOs are facing. He'll be a featured speaker at ISMG's Cybersecurity Summit in Mumbai on Nov. 21.
Agile environments benefit from development platforms and open-source software, but that also raises the risks of attacks seeded in those supply chains, says Chet Wisniewski of Sophos, who describes steps that organizations can take to mitigate the risks.
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.