What are the most common causes of major health data breaches that have been added to the official federal tally so far this year? Read this analysis to find out the details.
Because of the wealth of personal information available on the dark web, breach detection and remediation are more urgent than prevention and protection, says Nick Hayes of IntSights.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
The ISMG Security Report features Chris Painter, commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections. Plus, an update on the cost of the Norsk Hydro ransomware attack and the challenges of controlling real-time payments fraud.
A proposed settlement in a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack affecting 4.5 million individuals stands apart from other settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.
Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online.
Shortly after a massive data breach affected up to 50 million accounts last September, Facebook didn't believe the incident needed to be reported under Australia's mandatory breach notification law. While Facebook voluntarily notified all users, emails show the company initially underestimated the breach.
One way to ensure greater protection for consumers and their personal information following massive data breaches is to give the U.S. Federal Trade Commission the ability to impose greater civil penalties against consumer reporting agencies, such as Equifax, a new government report concludes.
New studies debut every day in the cybersecurity field. But how does one separate true research from marketing hype? Researchers Wade Baker and Jared Ettinger discuss the distinguishing qualities of credible studies.
Beazley Breach Response Services, a unit of global insurance company Beazley, reports that nearly half of the more than 3,300 breaches it investigated last year traced to a hack attack or malware infection. And half of those hacking/malware attacks were tied to business email compromise schemes.
A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.
The Oregon Department of Human Services is among the latest entities to reveal a phishing breach impacting the protected health information of hundreds of thousands of individuals.
Since the EU's new GDPR privacy law came into effect in May 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.