Dr. James Breit recalled the day a hacker locked up his systems with ransomware at his plastic surgery practice. He paid $53,000 in ransom. Nearly, seven years later, after paying a $500,000 HIPAA fine, Breit claims he got better treatment from the cybercriminals than he did federal regulators.
Western governments should take a page from China's cybersecurity playbook and sponsor sector-specific capture-the-flag competitions, not just for talent development and recruitment but also to help forge strong "social bonds," says a new report from Washington think tank Atlantic Council.
A Colorado-based pathology laboratory is notifying more than 1.8 million patients that their sensitive information was compromised in an April hack, one of the largest breaches reported by a medical testing lab to U.S. federal regulators to date. Ransomware gang Medusa is blamed for the attack.
An upstate New York-based medical practice must spend $2.25 million to improve its data security practices over the next five years, plus pay state regulators up to a $1 million fine following an investigation into two ransomware attacks days apart in 2023 that affected nearly 224,500 people.
When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.
Singapore regulators gave banks six months to institute real-time detection tools for blocking impersonation scams or else assume liability for stolen funds. A finalized framework published Thursday also shifts liability onto island-nation telecoms unless they block fraudulent SMS messages
In the latest weekly update, election security expert Annie Fixler joined ISMG editors to discuss the urgent challenges of safeguarding U.S. election infrastructure, countering cyberthreats and preventing foreign interference as Election Day approaches.
Traditional data center security approaches do not translate very well to cloud environments as cloud computing and Layer 7 applications have fundamentally changed the way organizations should implement security controls, said Traceable AI's Richard Bird.
Despite heavy security investments, banks still struggle with basic security issues such as default passwords, vendor vulnerabilities and social engineering scams. Scott Weinberg, CEO of Neovera, shares a new report that shows banks of all sizes still grapple with these common risks.
While ransomware attacks against medical devices don't happen often, disruptive cyber incidents that affect the availability of the IT systems that medical devices rely on are a big concern that needs the industry's critical attention, said Jessica Wilkerson of the FDA.
The Department of Health and Human Service last Friday submitted for White House review long-awaited updates to the 20-year-old HIPAA Security Rule containing modifications aimed at strengthening the cybersecurity of electronic protected health information.
Medical device makers have become more proactive in trying to meet higher cybersecurity expectations of regulators, but many still need to better understand the importance of life cycle security risk management and related issues, said Axel Wirth of Medcrypt and Christopher Gates of Velentium.
The Cybersecurity and Infrastructure Security Agency is ramping up its warnings of potential election interference and influence campaigns in the lead up to the November vote. But voters can be assured their ballots are secure and will be counted as cast, the agency said.
Ransomware gang BianLian has listed Boston Children's Health Physicians - a pediatric group that practices in New York and Connecticut - on its dark web site, threatening to release stolen patient and employee data. The practice said the September incident involved an IT vendor.
The U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.