This edition of the ISMG Security Report features Global Cyber Alliance CEO Phil Reitinger previewing his keynote address at ISMG's New York Fraud and Breach Prevention Summit. He explains why he believes today's approach to cyber risk management is stuck in the "Bronze Age."
Cybersecurity has emerged as a key risk factor to be weighed during the due diligence process of any merger and acquisition. How should organizations on both sides approach the process? Steve Chabinsky of CrowdStrike share strategy.
The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.
Ransomware gangs are employing "customer service" agents to field victims' queries in an attempt to maximize their illicit profits, according to security firm F-Secure, which describes the encounters of someone posing as a victim.
The new "No More Ransom" portal is designed to emphasize that police and security firms are doing whatever they can to disrupt ransomware gangs, as well as to help more victims get their data back for free, says Intel Security's Raj Samani.
SentinelOne is taking a marketing gamble by offering to reimburse customers who suffer a ransomware infection if the security firm can't remediate affected systems. But let's take a close look at what's actually on offer.
Security firm ThreatConnect says Guccifer 2.0, who claims to be the lone hacker of the Democratic National Committee, may have close ties to Russia. But after reviewing related technical evidence, not all security experts agree.
The Petya ransomware gang says it released 3,500 crypto keys that it stole - along with source code - from rival Chimera ransomware developers. If the keys are legitimate, security firms say they can build decryption tools for Chimera victims.
A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
Leading the latest ISMG Security Report, some security experts expect the United States government to retaliate against Moscow for interfering in the American presidential election if the Obama administration determines the Russian government was behind the hack of Democratic Party computers.
The nation's HIPAA enforcement agency has dramatically ramped up its issuance of breach-related financial penalties. In the ninth enforcement action of 2016, it slapped University of Mississippi Medical Center with a $2.75 million fine after a breach investigation revealed big security woes.
A new portal - NoMoreRansom.org - aims to help ransomware victims avoid having to pay ransoms to get their data back. Backed by Dutch and EU law enforcement agencies, plus security firms Kaspersky Lab and Intel Security, the site includes the first decryptor for Shade ransomware.
Neither ransomware nor social engineering is new, but both are more advanced and effective than ever. How can organizations improve how they detect and respond to the latest threats? James Lyne of Sophos shares insight and advice.
In light of the surge of ransomware attacks in the healthcare sector this year, security risk adviser John Pironti of ISACA offers in-depth technical advice on preparing for - and reacting to - such attacks.
Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.