During a recent business trip to San Francisco, ATM security expert John Buzzard stumbled upon an ATM that had been damaged by an explosive substance - a vivid reminder of an emerging threat. Buzzard offers insights on the latest ATM risks.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
For healthcare information security professionals, the time has come to adopt a "wartime mindset" to ensure patient information is safeguarded from cyber threats. That's why ISMG has recruited a diverse array of experts to provide timely advice at our Healthcare Security Summit in New York Nov 1-2.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
Virtually every industry is prone to cyberattacks, online fraud and identity theft. For years' banks have secured online transactions for commercial accounts and private banking customers via multifactor authentication. Now through organizations like the NCSA and HIMSS, multifactor authentication may finally become...
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Nine technology companies have recently founded the Vendor Security Alliance (VSA), an independent, non-profit coalition that aims to help member companies evaluate or assess the security and privacy of third-party providers whom they heavily rely on and even entrust their users most important data with. They also...
If you look beyond the political bickering and study the cybersecurity platforms that presidential candidates Hillary Clinton and Donald Trump have posted on their campaign websites, you'll see that their approaches are similar in some respects.
New long-awaited federal guidance clarifies that cloud services providers that handle protected health information are nearly always considered business associates under HIPAA and, as a result, must meet the regulation's security requirements.