The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
How can organizations adequately assess their risks, exposure and compliance? During this session, Sam Kassoumeh of SecurityScorecard walks through how businesses of any size can effectively identify and classify their risks and compare how their current cybersecurity solutions are measuring up.
The healthcare industry is at an information security crossroads, ill-prepared for the cyberattacks increasingly targeting healthcare organizations. This session reviews how the focus on security regulatory compliance has hindered the healthcare industry's ability to prevent, detect and respond to the current cyber...
Data protection legislation and regulatory enforcement actions are rapidly changing throughout the world and are having an immediate impact on how organizations globally approach cybersecurity, privacy, breach notification and data storage and protection. However, too frequently, U.S. healthcare sector organizations...
What do a Fortune 100 pharmaceutical company, one of the largest hospital systems in the U.S. and a bank with several trillion in assets have in common? All three have successfully used CASBs to mitigate security and compliance risk while enabling the public cloud applications their businesses needed, apps such as...
Leading the latest edition of the ISMG Security Report: an interview with NIST's Ron Ross about revised guidance on how to get C-suite executives to help shape information risk management. Also, DHS, FBI leaders outline goals for protecting the U.S. election system.
New York state's financial regulator has reportedly subpoenaed Equifax - in the wake of it suffering a breach affecting 143 million U.S. consumers - seeking extensive documentation, including when and how the credit-reporting agency discovered the breach and responded.
Card issuers can view the merchants with whom a cardholder does business, the frequency of a cardholder's purchases, and the devices and IP addresses associated with that specific card. While this allows them to understand and assess certain patterns of behavior for individual cardholders, it restricts analysis to the...
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Organizations that must comply with Europe's GDPR need to identify gaps in their ability to meet various requirements, including making prompt breach notifications and gaining consumers' consent to store their data, says Sunil Chand of Grant Thornton.
In North America, many organizations mistakenly believe the European Union's General Data Protection Regulation won't impact them, says Robert Mills of the Information Security Forum. "If they are multinational and holding EU data, it does apply to them," he points out.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
The notion of patching the most critical vulnerabilities is outdated and ineffective thanks to today's black market for exploit kits, says Kevin Flynn of Skybox. Evaluating the exposure and context of holes in your organization is crucial to shoring up defenses, he says.