In this edition of the ISMG Security Report, you'll hear our editors explore how hackers use Java script for ransomware, the latest digital currency security issue and privacy threats posed by virtual reality.
While awaiting new guidance from the HHS Office for Civil Rights, healthcare organizations can take several steps to help determine whether a ransomware attack is a reportable breach under HIPAA, says compliance attorney Betsy Hodge.
In the latest ISMG Security Report, our editors examine the top concerns of security practitioners gathered at Infosecurity Europe, NIST's planned revision of its cybersecurity framework and U.S. government efforts to make sure patients can securely access their electronic health records.
Cybercrime alert: In March, 93 percent of all phishing emails studied contained ransomware designed to forcibly encrypt PCs, says PhishMe chief operating officer Jim Hansen. In an interview, he offers insights on how to respond.
ISMG editors, in a special report, examine the status of data breach notification laws in a number of regions, including the European Union, which this past week implemented the General Data Protection Regulation, although enforcement won't take place for two years.
The U.S. Congress delves into the issue of whether CISOs should report to CIOs, a topic that leads the Friday, May 27, 2016, edition of the ISMG Security Report, an on-demand audio report offered every Tuesday and Friday.
Stu Sjouwerman, CEO of KnowBe4, has seen first-hand the devastating impact of ransomware on healthcare entities. And he knows traditional defenses aren't enough to ward off attackers. What's needed is a whole new approach to user education.
The College of Healthcare Information Management Executives is calling on Congress to create financial incentives for healthcare providers to boost their cybersecurity. Leslie Krigstein of CHIME offers examples of potential incentives in this in-depth audio report.
In today's rapidly changing cyber threat environment, the federal government needs to take a lead role in making sure mobile device security is adequate, says security researcher Stephen Cobb, who analyzes ongoing investigations by the FTC and FCC in this audio interview.
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.
Cyberattacks are increasing in frequency, complexity, nuance and stealth. But human error, business compulsions and increasingly complex environments make it difficult to maintain adequate defenses, says Juniper Network's CTO for India and SAARC
There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Breaches in the healthcare sector are continuing to surge, in part, because cybercriminals are building big data resources that can be used to fuel fraud, security experts Larry Ponemon and Rick Kam say in an audio interview discussing findings of a new Ponemon Institute report.