Information security and risk management teams are frequently asked to update their Board of Directors with the cybersecurity posture of both their company and their vendors. Gartner estimates that by 2020, 75% of Fortune 500 companies will treat vendor risk management as a Board-level initiative to mitigate brand and...
After suffering one of the worst data breaches in history, in which 145.5 million U.S. consumers' personal details were stolen, credit bureau Equifax has hired Jamil Farshchi to serve as its new CISO. Farshchi joins from Home Depot, which hired him after suffering a massive data breach.
A Canadian museum had multiple points of possible infiltration to protect: employees with memory sticks, phishing attacks, visitors and contractors connecting to Wi-Fi, and exhibit computers. Additionally, the museum had prevented ransomware attacks in the past, but needed to increase its level of protection.
The...
This monthly Security Agenda will highlight some of the most recent additions to our course library. This month's edition features Christiana Care's Anahi Santiago on 2018 risk management priorities. Another influencer, Lewin and Associates' Dr. Jack Lewin discusses the latest medical device security threats. This...
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
As the healthcare sector implements a variety of new applications and increasingly moves to the cloud, it has a fresh opportunity to address security, says Daniel Bowden, CISO at Sentara Healthcare, who discusses best practices.
This episode of the ISMG Security Report is devoted to producer/host Eric Chabrow's recollection of the evolution of cybersecurity news and analysis during his nine years at Information Security Media Group. Chabrow is retiring after 45 years in journalism.
Ira "Gus" Hunt, a security expert who was formerly CTO at the CIA, analyzes why many large healthcare provider organizations plan to boost cybersecurity spending in 2018 and discusses the role of emerging technologies.
In the Face of Advanced Threats, is Your Organization's Security Posture Reactive or Proactive?
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one...
An assessment on whether North Korea is behind the WannaCry ransomware attacks leads the latest edition of the ISMG Security Report. Also, the co-author of NIST's revised Trustworthy Email special publication discusses changes in the guidance.
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
"Machines" as we know them are going through an identity crisis. Our increased dependence on them is so profound that even the definition of machine is undergoing radical change. The number and type of physical devices on enterprise networks has been rising rapidly, but this is outstripped by the number of...
The HITRUST Cyber Threat Xchange played a role in making U.S. healthcare organizations aware of the worldwide WannaCry ransomware campaign early enough to help them thwart the threat, says HITRUST's Elie Nasrallah.
Christiana Care Health System, which operates a network of hospitals, is working on several risk management priorities for 2018, including adopting the HITRUST framework, implementing appropriate controls for protecting against emerging threats and phasing in new security technologies, says Anahi Santiago, CISO.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.