Chicago-based CommonSpirit is still waiting to hear back on its insurance claim for an October 2022 ransomware attack, but the hospital chain said disruption of some facilities and "significantly" hampered billing and collection activities contributed to a $1.4 billion operating loss for the year.
Under new U.S. Securities and Exchange Commission rules, companies must disclose material cybersecurity incidents and annually report on cybersecurity risk management, strategy and governance. Alex Hamerstone, advisory solutions director at TrustedSec, discussed the challenges ahead.
A late-stage SASE startup led by a serial entrepreneur hauled in a massive equity investment to address the feature and capability needs of large enterprises. The $238 million in funding will allow Cato Networks to more tightly align CASB and DLP with SASE to safeguard cloud apps and sensitive data.
Increased engagement from boards on digital transformation initiatives around cloud and AI adoption has spurred greater investment in cybersecurity, said Google Cloud CISO Phil Venables. Systems built and designed decades ago have become increasingly difficult to secure, he said.
An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal and health information. Security researchers say small schools such as this are now favored targets. Some 80% of schools have reported hacking incidents in the past year.
Cisco's proposed $28 billion buy of Splunk allows businesses to move from threat detection and response to threat prediction and prevention by combining XDR and SIEM. The deal brings together Cisco's newly released XDR platform with Splunk's long-standing SIEM technology.
WatchGuard purchased a Massachusetts company to extend network detection and response capabilities traditionally reserved for high-end enterprises to the midmarket through MSPs. The deal gives WatchGuard clients more visibility into east-west network traffic and activity taking place on the cloud.
Federal authorities are warning of "significant risk" for potential attacks on healthcare and public health sector entities by the North Korean state-sponsored Lazarus Group involving exploitation of a critical vulnerability in 24 Zoho ManageEngine products.
This week, ISMG editors covered the hot topics at ISMG's London Cybersecurity Summit 2023, including the technical landscape of AI, executive liability, incident response strategies in the face of a global ransomware attack and how to build personal resilience to avoid burnout.
Any healthcare organization that embeds tracking technologies in its website should carefully review whether it is inadvertently violating HIPAA or other federal regulations, said Nick Heesters, senior adviser for cybersecurity at the Department of Health and Human Services' Office for Civil Rights.
Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.
The Clop ransomware group's zero-day attack on MOVEit software was its fourth data theft campaign targeting secure file transfer users. Organizations can combat such attacks by using data minimization and encryption - among other defenses, says Teresa Walsh, global head of intelligence for FS-ISAC.
The drumbeat for potential federal legislation to better protect sensitive health information - or at least new regulations - appears to be growing louder in Congress. One of the Senate's four lawmaker doctors is quizzing the healthcare industry on ways to safeguard health data.
China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.
Authorities are warning of threats posed by Akira, a ransomware group that surfaced in March and has been linked to dozens of attacks on small and midsized entities. The group is targeting many industries, including healthcare, and seems to favor entities that lack MFA on VPNs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
