A ransomware attack against San Francisco's Muni public transportation network attack over the busy Thanksgiving holiday - and Black Friday shopping - weekend left more than 2,000 fare-handling systems locked, leading officials to let people ride for free.
Organizations in all sectors need to be aware of newly emerging insider threats, including those tied to the dark web, Michael Theis of Carnegie Mellon's CERT Insider Threat Center explains in this video interview.
Now that electronic health records have been widely adopted, the Department of Health and Human Services must do more to promote the exchange of complete, accurate and timely information, subject to appropriate privacy and security safeguards, according to a new federal watchdog report.
Cloud-based services can be both a "blessing and curse" when it comes to dealing with security, says John Houston, CISO and associate counsel for the University of Pittsburgh Medical Center, who explains why in this video interview.
Highlighting the latest ISMG Security Report: National Institute of Standards and Technology's Ron Ross explains how a new approach employing engineering principles can be used to build secure, trustworthy systems. Also, when a ransomware attack is deemed a breach.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
Ransomware has been one of the highest-profile cybercrimes of 2016, and the FBI has been at the heart of many investigations. Jay Kramer, a supervisory special agent with the bureau, discusses what he's learned about defending against ransomware in this video interview.
In the wake of recent cyberattacks on the financial sector, the Insurance Regulatory Authority of India plans to develop by March 2017 a comprehensive cybersecurity framework offering guidance for insurers. Security experts weigh in on the priority areas that need IRDAI's attention.
U.K. Chancellor Philip Hammond used the launch of Britain's new five-year National Cyber Security Strategy to trumpet the country's strike-back capabilities. But other parts of the strategy - including more automated defenses - hold much greater promise.
In recent weeks, many more hacker attacks - including some ransomware assaults - on healthcare entities large and small have been added to the federal tally of major breaches, continuing a trend that started in 2015.
What are the critical elements of developing a "wartime" mindset to deal with serious cyber threats facing the healthcare sector? Find out how presenters and attendees answered this question at ISMG's Healthcare Security Summit.
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
From ransomware to targeted social engineering attacks, the threats to healthcare entities have changed enormously. Isn't it time for healthcare's cybersecurity strategy to change, too? That's the premise of Optum's Aaron Rinehart.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.