Highlighting the latest ISMG Security Report: National Institute of Standards and Technology's Ron Ross explains how a new approach employing engineering principles can be used to build secure, trustworthy systems. Also, when a ransomware attack is deemed a breach.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
Ransomware has been one of the highest-profile cybercrimes of 2016, and the FBI has been at the heart of many investigations. Jay Kramer, a supervisory special agent with the bureau, discusses what he's learned about defending against ransomware in this video interview.
In the wake of recent cyberattacks on the financial sector, the Insurance Regulatory Authority of India plans to develop by March 2017 a comprehensive cybersecurity framework offering guidance for insurers. Security experts weigh in on the priority areas that need IRDAI's attention.
U.K. Chancellor Philip Hammond used the launch of Britain's new five-year National Cyber Security Strategy to trumpet the country's strike-back capabilities. But other parts of the strategy - including more automated defenses - hold much greater promise.
In recent weeks, many more hacker attacks - including some ransomware assaults - on healthcare entities large and small have been added to the federal tally of major breaches, continuing a trend that started in 2015.
What are the critical elements of developing a "wartime" mindset to deal with serious cyber threats facing the healthcare sector? Find out how presenters and attendees answered this question at ISMG's Healthcare Security Summit.
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
From ransomware to targeted social engineering attacks, the threats to healthcare entities have changed enormously. Isn't it time for healthcare's cybersecurity strategy to change, too? That's the premise of Optum's Aaron Rinehart.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.
The online advertising industry has a malware problem that, in part, has driven increased use of ad-blocking software. It's facing a complicated task: Clean up the security problems or face possible regulation.
We were promised flying cars. Instead, we get malware-infected CCTVs serving as remote launch pads for digital attacks that help criminals earn cryptocurrency by crashing large parts of the internet. But new defenses offer promise for blunting such attacks.
For healthcare information security professionals, the time has come to adopt a "wartime mindset" to ensure patient information is safeguarded from cyber threats. That's why ISMG has recruited a diverse array of experts to provide timely advice at our Healthcare Security Summit in New York Nov 1-2.