While major hacking incidents regularly grab headlines, insider threats - including malicious individuals, careless workers and third-party contractors - continue to pose significant and sometimes underestimated risk to healthcare sector entities, federal authorities warn.
Access Health, Connecticut's health insurance exchange under the Affordable Care Act, experienced dozens of mostly small data breaches over about a 3 1/2-year period, and the vast majority involved one contractor, says an auditor report that recommends the exchange make improvements to data security.
In this interview with Information Security Media Group, Tony Richards, Office of the CISO, Google Cloud, and Tim Erridge, Vice President of Services, Unit 42 Palo Alto Networks, discuss how security leaders can strengthen their threat intelligence programs to successfully preempt future attacks.
The latest edition of the ISMG Security Report reviews the latest cyber resilience "call to action" from the White House and also explores authentication provider Okta's failure to inform hundreds of customers in a timely manner that their data could have been stolen by the Lapsus$ group.
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
Insider risk and data loss prevention (DLP) are a top concern for organisations today. And it makes sense, with a distributed workforce and increasing reliance on technology, legacy, on-prem DLP technology hasn’t lived up to its promises.
That’s because data loss begins with people, whether careless, compromised...
Hacking incidents still dominate the major health data breaches being reported to the U.S. Department of Health and Human Services in the first months of 2022 by far, with only one other type of breach appearing on the federal tally so far this year. Are organizations missing other breaches?
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
The CISO for a Dallas-based school district quit his job over the district's handling of a severe data breach that occurred in August 2021. A TV broadcaster has revealed that two students in the district were responsible even though the district claimed the intruder was a "third party."
Pharmaceutical giant Pfizer alleges in a federal lawsuit that two former executives stole documents containing trade secrets about diabetes, obesity and cancer treatments under development by the drugmaker to benefit two new biotech startups they had launched.
In the midst of accelerated modernization, increased cybersecurity risks, and the new normal of hybrid work and learning environments, technology leaders in higher education have had to meet enormous challenges. As we enter the new year, what’s on their minds when it comes to issues of cybersecurity, hybrid...
No matter the root cause, the result is the same: reputation damage, fines, compliance issues, and of course the ripple effects that extend outward from a breach.
The increasingly connected home is a vulnerable part of the extended enterprise, especially as the line blurs between personal life and work, says Forrester principal analyst Heidi Shey. She encourages organizations to adopt a two-pronged approach to protecting the "work from home" workforce.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
