What are the challenges facing the U.S. financial sector as it continues its enthusiastic embrace of cloud-based technology? Department of the Treasury Deputy Assistant Secretary Todd Conklin said the agency has been "doing the best we can to secure cloud" as firms increasingly adopt it.
Most healthcare workers don't check security protocols before trying out new generative AI tools such as ChatGPT, putting patient and other sensitive data at risk, said Sean Kennedy of software vendor Salesforce, which recently conducted research on potential security gaps in healthcare settings.
The use of cloud by financial services firms has risen from 91% to 98%, and multi-cloud for critical operations has risen dramatically, triggering greater risk and regulatory scrutiny, said Troy Leach, chief strategy officer at the Cloud Security Alliance, citing a new survey.
Cloud-based electronic health records vendor NextGen Healthcare is notifying more than 1 million individuals of a data compromise involving stolen credentials. The data breach appears to be at least the second alleged data security incident the company has investigated since January.
Regulators are continuing their campaign to enforce compliance with the HIPAA "right of access" provision. HHS on Monday said it had slapped a solo-practitioner psychotherapy counselor with a $15,000 settlement in a dispute involving a father who sought medical records of his three minor children.
The LockBit 3.0 ransomware group on Monday leaked 600 gigabytes of critical data stolen from Indian lender Fullerton India two weeks after the group demanded a $3 million ransom from the company. The stolen data includes "loan agreements with individuals and legal companies."
As the cyberthreat and regulatory landscapes are evolving, so too are the data security and privacy priorities of healthcare sector entities, said Taylor Lehmann, director, Office of the CISO, Google Cloud, who explains how organizations can respond to the challenges.
A Tennessee medical clinic and surgery center is still struggling to fully recover two weeks after a "sophisticated criminal cyberattack" - which included an attempt to steal data - forced the entity to take its IT systems offline and cancel most patient services.
In the latest weekly update, Venable's Grant Schneider joins ISMG editors to discuss takeaways from the RSA Conference 2023, the state of software supply chain security post-SolarWinds, safeguards to prevent unintended adverse impacts of AI, and whether AI could be used to write and digest SBOMs.
The tally of individuals whose sensitive information was compromised by the exploitation of a zero-day vulnerability in Fortra's GoAnyWhere secure file transfer software is growing by millions as more entities report heath data breaches to regulators.
White House cybersecurity priorities: The Biden administration continues to have a "relentless focus" on improving critical infrastructure security, disrupting ransomware and combating the illicit use of cryptocurrency, said Deputy National Security Adviser Anne Neuberger.
The final steps in mortgage closing involve much paperwork in the presence of attorneys, title companies and loan officers. While technology is available to simplify a complex and error-prone process, resilience and trust actually make e-closing a trustworthy experience for consumers.
A woman suing Lehigh Valley Health Network dropped her push for a court order requiring the medical center to pay ransomware hackers in exchange for their pledge to remove from the dark web partially naked exam room photos stolen during a hacking incident.
Healthcare sector entities' reliance on specialty and legacy equipment, including imaging systems and other gear, continues to present attractive targets for threat actors and a growing risk for medical providers, said Frank Catucci, CTO and head of research at security firm Invicti Security.
One Brooklyn Health is facing a proposed class action lawsuit in the wake of a data breach affecting more than 235,000 individuals, which the organization reported to regulators following a cyberattack late last year that disrupted its IT systems and patient services for several weeks.