Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
Okta has stemmed employee attrition and accelerated customer identity sales by clarifying product function but now has to grapple with longer sales cycles for small to midsized businesses. Okta says efforts to reposition its customer identity offering over the past quarter have borne fruit.
The Department of Health and Human Services has issued a new proposed rule to better align the HIPAA privacy and breach notification rules with regulations involving the confidentiality of records pertaining to patients receiving treatment for substance use disorders.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
RegScale has purchased a startup founded by the FCC's former chief data officer that makes documenting compliance easier for nontechnical personnel by using a questionnaire. The GovReady deal means customers will be able to demonstrate their adherence to standards by answering questions.
An Indiana healthcare network, Community Health Network, is the latest medical entity to classify its use of online tracking code as a data breach reportable to federal regulators. It said the unauthorized access/disclosure breach affected 1.5 million individuals.
The United Kingdom is the newest front in the long-fought conflict over end-to-end encryption, as a slew of civil society groups urge the prime minister not to back legislation empowering regulators to force online intermediaries into providing decrypted messages.
A multitude of state privacy laws taking effect in 2023 has forced organizations to revamp their compliance programs to incorporate the disparate requirements, says Lisa Sotto. Companies across every industry face a threat environment that's more active and malicious than ever before.
The shortage of cybersecurity professionals in the United States includes a scarcity of expertise in medical device security, says Bill Aerts, senior fellow and managing director of the University of Minnesota's recently launched Center for Medical Device Cybersecurity.
Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.
Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.
As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.
Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.
Over 5,000 major health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Experts explain why it's such a dangerous game.
The U.S. Army has embarked on its zero trust journey for both its information and network operations. Army CIO Dr. Raj Iyer shares how the military and the private sector are partnering to secure cloud infrastructure and solidify threat intelligence capabilities to fight adversaries.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.