This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
It seems like every vendor in the data security industry makes predictions this time of year. Which ones should you pay attention to? All of them, says Dan Lohrmann, who formerly served as CISO of the state of Michigan.
Why is GDPR so fundamental a change to data processing law? Because new requirements, such as data portability and the right to erasure, will challenge the information governance processes of any organization, however mature. Additionally, joint liability between data controllers and their data processors represents a...
GDPR requires impacted companies to protect personal data of EU residents against data breaches. For security teams this means you must put in place measures that stop personal data from leaking out - without slowing down business processes.
Download this whitepaper and learn how to:
Determine which data is...
Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.
The U.S. Securities and Exchange Commission is planning to update its 6-year-old cybersecurity guidance for how publicly traded firms report data breaches to investors. Experts expect the refined guidance to cover insider trading program rules, breach notifications and business models.
In the Face of Advanced Threats, is Your Organization's Security Posture Reactive or Proactive?
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one...
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. Whether corporations like it or not, they're actually being tested by cyber criminals as we speak.
Download this whitepaper on ethical hacking and learn:
The definition of then term "cyologist";
Why we need to...
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even though SSH keys are the credentials that provide the most privileged...
With just a few months left until the EU's General Data Protection Regulation will be enforced, too many so-called "experts" are spreading fear and falsehoods about the regulation, says Brian Honan, a Dublin-based cybersecurity consultant, who clarifies misperceptions in an in-depth interview.
The latest ISMG Security Report features a special report on securing medical devices. Healthcare security leaders from the FDA, an academic medical center and a medical device manufacturer share their insights on the challenges involved.
2016 was a year where more was more in the security world. The implications of the unprecedented leaks of comprehensive data sets, from political to intellectual property concerns, will have major impacts on the security landscape for years to come.
Download this whitepaper and learn:
Why classic attack vectors...
Are unpatched vulnerabilities leaving you at risk?
At the rate of almost half of all attack types, hackers are using injection attacks to take advantage of vulnerabilities in operating systems and applications to penetrate networks and databases.
Download this whitepaper and learn:
How attackers are using...