The European Union's (EU's) General Data Protection Regulation (GDPR), which began enforcement on May 25, 2018, dramatically increases the penalties for failing to properly protect users' personal data. The maximum fines that can be leveraged against an organization eclipse penalties that have been imposed in the...
A lack of standards spelling out to manufacturers their responsibilities for addressing the cybersecurity of their medical devices - especially legacy products - has left a big burden on the healthcare entities that use these devices, says Cletis Earle, CIO at Kaleida Health.
Behavioral analytics have taken the fast lane from emerging tech to mature practice. And Mark McGovern of CA Technologies says the technology is being deployed in innovative ways to help detect insider threats.
Driven by the EU's General Data Protection Regulation and other regulations, as well as the move to the cloud, more organizations are turning to data classification to help them silo and protect their most sensitive information, says Tony Pepper, CEO of Egress.
Michael Jones of Domain Tools says that studying domain ownership information gives organizations "contextual data around domains that may be attacking them," thus allowing them to better block attacks, avoid malicious sites and combat phishing campaigns.
Electric car manufacturer Tesla has sued a former employee for sabotage, alleging that he "unlawfully hacked the company's confidential and trade secret information" and gave it to third parties while leaving a trail designed to implicate other employees. The ex-employee, however, claims he's a whistleblower.
About three dozen major health data breaches have been added to the federal tally in recent weeks, including a mix of hacking and unauthorized access/disclosure incidents. Here's an analysis of the latest statistics and the reasons behind the trends.
Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.
A House committee that asked the healthcare sector for feedback on how to improve the cybersecurity of legacy medical devices has received some very strong opinions on the subject. Find out what commenters had to say.
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business. With security threats emerging faster than ever, what if your most important information is not protected? What strategic business advantage do you gain if it is...
A breach involving misdirected emails to nearly 56,000 patients allegedly tied to a sorting error by a business associate has taken an unusual twist: The organization involved, Dignity Health, is asking for patients' help in mitigating the privacy mishap. But could that move prove to be counterproductive?
Although all the major credit card brands have dropped the requirement for obtaining signatures to verify point-of-sale transactions made with EMV payment cards, they're not pushing strongly for using PINs instead, leaving that authentication decision to card issuers, says Linda Kirkpatrick of Mastercard.
Recent apparent hack attacks against Canadian banks, the sentencing of a Canadian for helping enable the Yahoo breach, and the Equifax breach's impact in Canada all point to the need to be more aggressive in ramping up cybersecurity efforts in light of emerging threats.
Protecting data has become more challenging as...