Your personal information is continuously harvested and analyzed by countless data brokers eager to sell to the highest bidder. From your name to your online activities, to your employment details and even your real-time location - all are on the market for anyone interested.
Join us for this webinar with Roger A....
In the dynamic and heavily regulated world of property insurance, companies are constantly seeking innovative ways to streamline operations and enhance security measures. Companies continue to struggle with effectively managing user access reviews (UARs) across their proliferating SaaS and cloud applications....
As the Department of Health and Human Services works on a proposed update to the HIPAA Security Rule this year, regulators are also ratcheting up enforcement efforts - including resuming long-dormant HITECH Act HIPAA audits, said Melanie Fontes Rainer, director of HHS' Office for Civil Rights.
As the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding to keep up with its mounting workload. The agency also separately announced its second ransomware HIPAA breach settlement.
In the latest weekly update, four ISMG editors discussed the relatively low profile of cyberwarfare in recent international conflicts, the potential revival of a dormant HIPAA compliance audit program and the security implications of sovereign AI development.
Legacy DLP is broken due to excess complexity, extended time to value and misalignment with security and business goals, said Next's Chris Denbigh-White. Addressing insider threats in a meaningful way is one of the biggest data protection challenges for organizations, he said.
According to the 2022 Verizon Data Breach Investigations Report, insider threats and credential-based attacks comprise the majority of security breaches (over 90%) impacting organizations. Insider attacks involve malicious and negligent activity against an organization that originate from people who have been granted...
A mature cybersecurity program is not necessarily an effective one. And while many companies conflate maturity with efficacy, the CISO knows that when it comes to information security, there is a significant difference between the two.
Most of the time, maturity means there are systematic processes in place that...
While financial fraud has been prevalent for years, businesses still struggle to find it among large pools of data. In this second installment on accounting fraud, a panel of experts discussed the challenges including a lack of resources, skills and tools to identify fraud.
Online sports retailer Sports Warehouse has agreed overhaul its security program and pay a $300,000 fine to New York State after hackers stole 20 years' worth of payment card data and customer information the company was storing in plaintext on its e-commerce server.
Before he became a chief technical security officer at Qualys, Josh Hankins was a cybersecurity leader in financial services. He learned how security audit failures are increasingly costly, and he devised new strategies for audit preparation. He shares his insights here.
Darktrace has brought in Ernst & Young to review the cybersecurity AI vendor's financial process and controls following bombshell allegations from short seller Quintessential Capital Management. The review comes weeks after QCM claimed that Darktrace overstated its sales, margins and growth rates.
The SEC has come out with a wide range of proposed rules covering topics such as climate risk disclosures, SPACs, and now cybersecurity disclosures. In the event of a cybersecurity breach under the SEC’s proposed four-day time limit for cybersecurity disclosures, there are certain steps that must take place between...
Although small to medium enterprises - SMEs - do not have the security resources larger enterprise possess, they face the same risks. Here are five reasons you should consider consolidating your tech as you strive to find an effective, sustainable security stack that also keeps costs in check.
Unifying decision-making about privacy, security, ethics and governance poses a huge challenge from a regulatory and operational perspective, says OneTrust CEO Kabir Barday. OneTrust has created a network of 900 lawyers across 300 jurisdictions that feed intelligence into the company's platform.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.