Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Cybercriminals continue to rely on individuals who undertake the risky operation of moving illicit proceeds from one location to another. But these "money mules" face a multitude of risks, including imprisonment, police warn.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
Ethiopian dissidents living overseas had their devices infected with spyware made by an Israeli defense company, Canadian researchers allege. Their findings have revived longstanding concerns over some governments' potential abuse of powerful surveillance tools.
The hacker to whom Uber paid $100,000 to destroy data and keep quiet about its big, bad breach is a 20-year-old man living in Florida, Reuters reports. But numerous questions remain about the 2016 breach, including whether the payment was a bug bounty, extortion payoff or hush money.
The cloud gives organizations great new opportunities to deploy new systems and applications. It also creates a whole new level of cybersecurity exposure, says Gavin Millard of Tenable, offering tips to bridge that gap.
In an era where users are working simultaneously across mobile, social and cloud applications and platforms, organizations need to deploy identity and access management solutions that can scale and adapt quickly. IBM's Sean Brown describes the rise of Identity as a Service.
Healthcare technology has made leaps and bounds in terms of its ability to improve patient outcomes, and yet many technologies are being deployed before security concerns can catch up.
The alleged theft of mental health information on more than 28,000 patients in Texas, which went undetected for well over a year, is yet another reminder of the substantial risks that terminated employees can pose as well as the need to take extra steps to protect the most sensitive patient information.
Denial of Service, web application layer attacks, credential abuse and IoT - these are the attack trends and vectors that will make headlines in 2018. Ryan Barnett of Akamai offers insight into how to prepare your defenses.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
A report on the SEC targeting a Canadian company for fraud, alleging it cheated investors by exploiting a so-called Initial Coin Offering crowdsourcing funding system, leads the ISMG Security Report. Also, an NSA analyst pleads guilty in a case involving storing classified data on his home PC.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
The timing of reporting breaches to law enforcement is important because it could slow down an organization's incident response and internal investigation, says privacy attorney Kirk Nahra.
Federal regulators are reminding healthcare entities and business associates of the serious security and privacy risks that terminated employees can pose and offering advice for mitigating those risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.