In the latest weekly update, four editors at ISMG discuss how Russia's invasion of Ukraine complicates cybercrime ransomware payments, a former U.S. Treasury senior adviser's take on Biden's cryptocurrency executive order, and important points regarding the upcoming identity theft executive order.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management. As a part of that initiative, CyberEdBoard posts draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter is "Recognize the Threats."
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
It is critical for medical device manufacturers to take a threat modeling approach early in a product's design stage, say MITRE medical device cybersecurity experts Margie Zuk and Penny Chase, co-authors of the recently released Playbook for Threat Modeling Medical Devices commissioned by the FDA.
As the Russia-Ukraine war continues, healthcare sector entities need to be prepared to deal with potential spillover cyber incidents, says Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware. She discusses current cyber challenges.
What are the ethics of paying ransom to cybercriminals who might be working as a proxy cyber force in support of Russia's invasion of Ukraine? Realistically, whether or not to pay often comes down to a business decision. But Russia's invasion further complicates the optics for ransomware victims.
Expel is out with its new forward-looking report, "Great eXpeltations," and among the topics covered is supply chain targeting. Jon Hencinski of Expel and Bruce Potter of Clear Street share insights on why organizations must pay attention to these attacks.
Ukraine's cybersecurity authority says the country is fighting its first-ever hybrid war - combining conventional and digital warfare strategies and tactics. In this time of high alert, Rob Dartnall of Security Alliance calls for organizations to develop their threat intelligence capabilities.
Hacking group MuddyWater, linked to the Iranian Ministry of Intelligence and Security, is targeting Turkey and the Arabian Peninsula to conduct espionage and intellectual property theft and to deploy ransomware and destructive malware. The campaign uses malicious documents to deploy RATs on systems.
After months of political infighting, a landmark cybersecurity provision requiring critical infrastructure providers to report security incidents and ransom payments has passed both chambers of Congress and now heads to President Joe Biden's desk. The mandate is part of an omnibus spending bill.
Despite the drumbeat that began about a decade ago for healthcare entities to bolster their identity and access management, it is still an "incredibly weak" area for many, Lee Kim of HIMSS says. She discusses the effects of cyberattack trends and the Ukraine-Russia War on healthcare organizations.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
The ISMG Security Report features an analysis of the U.S. government's request for billions of dollars in tech aid to curb the global impact of the Kremlin's campaign in Ukraine. It also examines Biden's cryptocurrency executive order and why breached organizations often don't share full details.
An Alabama clinic and an Indiana-based orthopedic practice have each reported hacking incidents discovered last fall that affected the information of more than 310,000 individuals in total. Both entities list various measures they are taking to bolster security in the wake of those incidents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.