In the Face of Advanced Threats, is Your Organization's Security Posture Reactive or Proactive?
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one...
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even though SSH keys are the credentials that provide the most privileged...
"Machines" as we know them are going through an identity crisis. Our increased dependence on them is so profound that even the definition of machine is undergoing radical change. The number and type of physical devices on enterprise networks has been rising rapidly, but this is outstripped by the number of...
The latest ISMG Security Report leads with a look at how to protect patient data should President-elect Donald Trump and the Republican-led Congress follow through with their promise to dismantle Obamacare. Also featured is a discussion of whether IoT security should be regulated.
It's a story you'll watch unfold time and time again. The breach. The headlines. The confusion. The public apologies. The finger-pointing. And it's often followed by some form of the following statement: "But I was compliant." Compliance is never enough. The challenges are understandable, but taking the path of least...
The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.
Evolving criminal and unscrupulous internal threats to healthcare
data networks continue to plant seeds of fear and uncertainty
in the minds of healthcare IT professionals. Those fears are wellfounded;
a recent Information Week survey found that 91 percent
of small healthcare practices in North America say they...
After Kansas Heart Hospital suffered a ransomware infection and paid the demanded ransom, its attackers demanded more. At that point, the hospital reportedly declined to comply, relying instead on its pre-prepared backup and recovery plan.
Anonymous, which launched a DDoS attack on Bank of Greece's website and those of several other banks, plans to attack top banks from Southeast Asia. Can Indian banks deflect such attacks with adequate DDoS defences?
A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Multiple hospitals from Hollywood to Germany have been hit recently by ransomware attacks. It's a reminder that no organization is immune to outbreaks of malware that's designed to forcibly encrypt all data stored on PCs and servers.
The unrestrained growth of digital information world-wide is making it extremely difficult for organizations to capture, manage, store, share and dispose of information in any meaningful way. With the challenges of an evolving regulatory environment and the information overload problem with management practices, many...
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
FTC settlement agreements in two cases involving data exposed on peer-to-peer networks offer a reminder of the risks involved in using the networks. Social Security numbers, healthcare information and other personal details were exposed.