SSH keys are widely used to provide privileged administrative access but are routinely untracked, unmanaged and unmonitored. Mike Dodson of Venafi outlines an approach for better key protection.
The federal government, device manufacturers and healthcare delivery organizations have all raised their games to address medical device security. Now it's time for patients - those truly impacted by devices - to have their say in the discussion, says Suzanne Schwartz, M.D., of the U.S. Food and Drug Administration.
Ransomware plays on ever-bigger stages, but the fundamental question remains: To pay or not to pay? Fortinet's Sonia Arista, a former CISO, weighs in on ransomware and other hot breach trends.
As healthcare providers connect more and more devices to their networks, ensuring data security becomes far more complex, says Steve Hyman of Ordr, who describes best practices.
Chris Hickman of Keyfactor explains the challenges of securing and protecting medical devices and the data they collect while delivering the functionality that users demand.
Shifting from vulnerability management to vulnerability response is becoming increasingly important, says Syra Arif of ServiceNow, who describes three essential steps.
Jeff Gilhool of Lookout explains how phishing and malware are becoming bigger issues for mobile devices and describes what healthcare organizations can do to incorporate HIPAA compliance in their mobile device management plans.
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.
When it goes into effect in 2020, the California Consumer Privacy Act will give citizens of that state greater control over their personal data. Ginger Armbruster, the chief privacy officer for the city of Seattle, believes this trend toward greater personal privacy will spread across the U.S.
For years, security leaders focused primarily on malicious insiders - those who intend to do harm to an organization. But CISOs are increasingly concerned about the accidental insider. And Anne-Marie Scollay of Axiom Law has a program targeting this growing threat.
Critics say blockchain is a technology looking for a purpose, but Microsoft's David Houlding says organizations are using blockchain today to validate identities and to help prevent fraud. He shares use cases and emerging best practices.
HSBC paid a record $1.92 billion fine for money laundering violations in 2012. But no one ever went to jail for the crimes. Whistleblower Everett Stern discusses lessons learned from the case and the concept of "too big to jail."
Increasingly, regulators are looking to hold individual executives accountable for data breaches. This is where attorney Aravind Swaminathan steps in to represent security leaders in legal actions. What are the potential liabilities?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
