Fooling hackers into giving up traceable information about themselves through "reflective" social engineering is helping researchers curb fraud losses and protect would-be victims, say Dell Secureworks researchers Joe Stewart and James Bettke.
A new website is now available for reporting medical device vulnerabilities, says Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, who explains how MD-VIPER works in this in-depth interview.
Plans to launch some onsite HIPAA compliance audits are now on hold while the agency that enforces HIPAA completes more than 200 desk audit reports, says Deven McGraw, deputy director of the Department of Health and Human Services' Office for Civil Rights.
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
This edition of the ISMG Security Report features updates from RSA Conference 2017 on emerging technologies, the forthcoming White House cybersecurity executive order and Microsoft's call for a "Digital Geneva Convention."
The uptick of ransomware and other cyberattacks in the healthcare sector has prompted healthcare provider RWJBarnabas Health to make a number of important moves to help prevent, detect and respond to breaches, says CISO Hussein Syed.
The threat landscape for financial institutions has changed considerably since the DDoS attacks of 2012. Rich Bolstridge of Akamai Technologies tells how the definition of "adequate cybersecurity" has also shifted.
The best starting point for effectively safeguarding data and protecting against breaches is to clearly understand what kind of data an organization has, where it's located and the risks, says Jason Hart of Gemalto.
Immediately after the 2016 U.S. presidential election, there was a phishing attack that impressed experts with its ingenuity. Markus Jakobbson of Agari discusses this and other recent attacks - and what we must learn from them.
Increasingly, security leaders want to migrate from disparate point solutions to integrated security platforms. Kevin Flynn and Ravid Circus of Skybox Security lay out the business and security benefits.
Entities across all industry sectors appreciate the need for ensuring secure relationships with their third-party service providers. Jasson Casey of SecurityScorecard discusses new solutions for achieving those secure relationships.