Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.
In light of the surge of ransomware attacks in the healthcare sector this year, security risk adviser John Pironti of ISACA offers in-depth technical advice on preparing for - and reacting to - such attacks.
Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.
MacKeeper failed to alert customers earlier this year that for at least four weeks, its anti-virus software wasn't receiving regular signature updates. Industry experts say any such delay is unacceptable for an AV vendor.
The increase in breaches is having a positive impact on IT security employment, as headlines about one cybersecurity incident after another serve as recruiting tools for skilled cyber defense workers. The IT and IT security workforce reached record levels this past quarter.
Examining the human factor in the age of cyber conflict and the new healthcare challenge concerning ransomware highlight this edition of the ISMG Security Report. Also, hackers target the Republican convention.
FireEye has dealt with more disruptive data breaches over just the past year than it has since the company was founded 12 years ago. Charles Carmakal, vice president with the company's Mandiant forensics unit, shares tips for handling a breach.
The federal agency that enforces HIPAA has been very busy lately, taking numerous steps to reiterate the importance of safeguarding patient data and stressing the need to prepare a breach response plan. But the agency still needs to improve transparency on breaches involving business associates.
Oregon Health & Science University says it has been slapped with a $2.7 million fine after HHS investigated two data breaches that affected a total of about 7,000 individuals. It's the eighth HIPAA-related settlement announced by HHS so far this year.
Some healthcare entities may be more likely than organizations in other sectors to pay extortionists to unlock data that's been encrypted in ransomware attacks because patients' lives are potentially at risk if data is unavailable, says security expert Kate Borten, who discusses risk management issues.
In just two years' time, RSA analysts have seen a 170 percent rise in incidents of fraud via the mobile channel. What's behind the spike, and what can security leaders do to help their organizations and customers curb fraud losses?
An analysis of the record of the U.K.'s new prime minister, Theresa May, on cybersecurity and online privacy and a report on efforts to create an antidote to ransomware highlight this edition of the ISMG Security Report.
How low will ransomware go? New malware - dubbed Ranscam - demands bitcoins to unlock files, but in reality they've already been deleted, researchers warn. As always when it comes to defending against ransomware, preparation pays.
Most ransomware attacks result in a breach of protected health information that must be reported under HIPAA, according to newly released federal guidance for healthcare entities and business associates. But is the guidance clear enough?
Ransomware is devastating, and current security software doesn't do a great job of stopping it. But researchers say ransomware's behavior - quickly encrypting large volumes of files before users have time to react - could be the key to solving this epidemic.