With no federal privacy law in place, individual states in the US are working to create their own privacy laws to protect their residents. California’s law is already in place, and Virginia just recently passed one of its own. Colorado has a law on the table for voting, while other states are trying repeatedly to...
With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?
A half-dozen security vulnerabilities recently identified in older versions of the Zoll Defibrillator Dashboard could allow an attacker to take remote control of device management, including executing arbitrary commands, as well as gain access to sensitive information and credentials, CISA warns.
You see the news: how many healthcare entities are struck by ransomware. But how many of them conducted business impact analyses before they were victims? Too few, says Cathie Brown of Clearwater. She discusses the value of doing a BIA before the crisis strikes.
Zero Trust, Firmware in the Supply Chain, and the Demand for Device Integrity
What does the Executive Order on Cybersecurity mean for security teams tasked with protecting endpoints, servers, and network devices? Download this report from Eclypsium to learn new Zero Trust requirements, their implications for device...
How much trust can you put in your devices?
Security concepts like Zero Trust can provide an essential framework for securing the remote work environment and your supply chain from attackers.
Download this guide from Eclypsium to learn:
How attackers capitalize on blind spots in device security
Five questions to evaluate and improve your device security posture in 2021
APTs and ransomware actors are increasingly leveraging firmware vulnerabilities to penetrate enterprise devices. To keep pace, you need to understand and address the risk to your organization.
This report from Eclypsium will help your team...
Financial institutions continue to struggle to screen growing volumes of customer and transaction data against a variety of watchlists. Growing regulatory scrutiny, continuously changing watchlists, and the complexities of an increasingly interconnected and international financial services ecosystem are exposing the...
As the U.S. hammers out national infrastructure legislation, implements President Biden's recent cybersecurity executive order and adopts other related initiatives, more attention and funding needs to be allocated to strengthen the healthcare sector's cybersecurity posture, industry groups urge.
Securing Identities, Credentials, and Access in Federal Government Agencies
Known as Federal Identity, Credential, and Access Management, FICAM is the U.S. government’s approach to Identity, Credential, and Access Management (ICAM). There are numerous federal laws, policies, and standards that influence the design...
Oakland County Improves Service and Decreases Costs with Okta
Oakland County, Michigan, is one of the largest counties in the United States and according to the Center for Digital Government, it’s also one of the most technologically advanced. To get there, the county needed to re-architect an infrastructure made...
The Biden administration's fiscal 2022 proposed budget for the Department of Health and Human Services calls for an increase in spending to protect HHS from evolving cyberthreats as well as funding boosts to support regulatory and enforcement efforts related to health data privacy and security.
Russian national Aleksandr Zhukov has been convicted by a U.S. federal jury of four charges - including wire fraud and money laundering - as part of the so-called Methbot scheme, which prosecutors say led to $7 million in digital advertising fraud.
A federal $25,000 HIPAA settlement with a clinical laboratory is significant because it calls for a wide-ranging corrective action plan. And the enforcement action is unusual because it's the result of a compliance review of a covered entity not directly tied to the data breach that triggered the investigation.
Healthcare went through five years of transformation over the course of 2020. How does this new telehealth focus most change how healthcare security leaders must view cybersecurity? Hank Schless of Lookout weighs in on remote services, connected devices and the cloud.