New guidance provides healthcare entities and medical device makers a jump-start for negotiating critical cybersecurity issues pertaining to procurement contracts, says Jim Jacobson of device manufacturer Siemens Healthineers, co-chair of an industry group that developed the contract template.
A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
Starting in July, the second Tuesday of every month will "just be another Tuesday," Microsoft says. After releasing patches for vulnerabilities in its software every second Tuesday of every month since 2016, Microsoft says it is now set to roll out automatic updates. Some security experts weigh in.
As market forces converge to make enterprises of all sizes more conscious of their own cybersecurity sophistication, John Randall of GoSecure proposes a road map to help assess where one is, where one needs to go - and to what degree third-party assistance is necessary.
At a time when applications are more business-critical than ever - and visibility is more challenging to achieve - we need to discuss new strategies and tools for maximizing application intelligence. Sujay Pathakji of Axiom Telecom and Srudi Dineshan of Gigamon share insights.
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
Bipartisan legislation proposed in the U.S. Senate and House aims to strengthen healthcare sector infrastructure by requiring medical devices manufacturers to implement critical cybersecurity measures for the regulatory premarket approval process and life cycle of their products.
In the wake of the great digital transformation, cybersecurity is more
important than ever and it's certainly drawing the board's attention.
But how does a security leader keep that attention and also
win over other key stakeholders in the enterprise all while ensuring that cyber maturity and quantifying risk is...
Access Health, Connecticut's health insurance exchange under the Affordable Care Act, experienced dozens of mostly small data breaches over about a 3 1/2-year period, and the vast majority involved one contractor, says an auditor report that recommends the exchange make improvements to data security.
In the latest weekly update, four editors at ISMG discuss important cybersecurity issues, including the lessons we can learn from Okta's breach fallout and subsequent response, how the first NFT rug pull of 2022 has amounted to over $1 million, and the much-anticipated return to in-person events.
Two serious remote-code-execution vulnerabilities have been discovered in VMware's widely used Spring, which is a platform for building online applications. With at least one of the vulnerabilities already being actively exploited, VMware urges immediate patching.
Globant, the Luxembourg-based software development company, on Thursday confirmed that an undisclosed actor - reportedly Lapsus$ - has illegally accessed the company's code repository, containing source code associated with some of its clients.
Sophos says it has provided a fix to a critical RCE bug known to be actively exploited primarily in South Asia. Sophos says no customer action is needed if the "Allow automatic installation of hotfixes" feature is enabled, but versions close to their end of life need manual configuration.
The White House is seeking fiscal 2023 budget increases for the Department of Health and Human Services, including a boost in funding for cybersecurity initiatives including medical device security and regulatory and enforcement efforts related to secure health data exchange.