In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
Recent breach reports filed by a law enforcement benefits health plan, a healthcare staffing firm and a rural medical center are the latest examples of the diverse range of healthcare sector entities being targeted by cyberattackers. What do experts recommend?
Days after the recent Okta data breach, parts of a security report, allegedly created by Mandiant, were leaked, giving the breach timeline and how the threat group gained access to Okta's environment. Security experts, including an Okta customer, discuss the report, supply chain risks and redress.
A public health department and a medical specialty practice are among the latest entities reporting major hacking incidents affecting tens of thousands of individuals' sensitive health information. Some experts say the breaches follow disturbing, evolving cyber trends.
A Texas dental and orthodontic practice that boasts of being "the official dentist" of the National Basketball Association team the Dallas Mavericks is notifying more than 1 million individuals of a 2021 breach involving patient information being viewed and copied by attackers.
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
Automotive technology/parts supplier Denso confirmed that it suffered a ransomware attack last week. Investigations are ongoing. The company has not disclosed the ransom demanded or the attacker's name, but dark web monitoring platform DarkTracer says it's the work of the Pandora ransomware group.
After months of political infighting, a landmark cybersecurity provision requiring critical infrastructure providers to report security incidents and ransom payments has passed both chambers of Congress and now heads to President Joe Biden's desk. The mandate is part of an omnibus spending bill.
Amid escalating violence in Ukraine and sanctions meant to hobble Moscow, the Senate has passed a landmark cybersecurity package that bundles three substantial measures - mandatory incident reporting for critical infrastructure, an update to federal IT security strategy, and FedRAMP authorization.
Monongalia Health System, a West Virginia-based entity that reported a phishing breach in December, affecting nearly 399,000 individuals, this week reported a separate security incident that appears to have potentially involved ransomware. Are the incidents related?
Anyone trying to make sense of data breach trends faces a transparency challenge. Too often, a lack of detail undercuts consumers' ability to assess their identity theft risk and businesses' ability to block emerging attacks or ensure that their supply chains remain secure.
Hacking incidents still dominate the major health data breaches being reported to the U.S. Department of Health and Human Services in the first months of 2022 by far, with only one other type of breach appearing on the federal tally so far this year. Are organizations missing other breaches?
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.