Despite the rise in frequency and severity of ransomware attacks, there remain misconceptions in how to respond. Praveen Vunnava of Veritas and David Totten of Microsoft reveal how to build a comprehensive strategy based on three key principles: protect, detect and recover.
As ransomware and other disruptive security incidents continue to surge, cyberattacks rank as the top health technology hazard in hospital environments this year, say security experts Chad Waters and Juuso Leinonen of patient safety organization ECRI.
In just a month, the BlackCat cybercrime group has carried out high-impact ransomware attacks on international organizations and risen to seventh place in Unit 42's ranking of global ransomware groups. A key factor, researchers say: the use of the Rust language for coding its malware.
In 2021, there were 1,862 data compromises - a 68% increase over 2020, according to the Identity Theft Resource Center's Annual Data Breach Report. "In this past year, there were more cyberattack-related data breaches than there were all forms of data breaches in 2020," says ITRC COO James E. Lee.
U.S. authorities have mixed news for the healthcare and public health sector. The good news: The threat level posed by ransomware-as-a-service gang BlackMatter is reduced. The bad news: Other cybercriminals will undoubtedly fill the gap - if they haven't already.
In the first of a planned series of articles looking at strategies that have helped her and her teams over the years to not just survive a stressful environment, but thrive in it, cybersecurity executive and CyberEdBoard executive member Kerissa Varma offers this: Be a human, not a terminator.
Worst-case scenario: Ransomware gets through defenses. It's now a game of "Beat the Clock." David Finley of Dell Technologies and Andrew Peters of Unisys detail the cyber recovery road map and how to generate a plan to both respond to and recover from the attack.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
All organizations in Britain are being urged by the government to immediately bolster their business resilience capabilities due to an increased risk of fallout from cyberattacks targeting Ukraine. In the past, such attacks have amassed victims outside Ukraine, causing billions in commercial damages.
The latest edition of the ISMG Security Report features an analysis of whether a new ransomware operation is a spinoff of the notorious REvil or simply copying the group's moves; how Maersk responded to the NotPetya wiper malware attack; and essential incident response skills.
U.S. Security and Exchange Commission Chair Gary Gensler wants to broaden cybersecurity regulations. Among his concerns are the rising threat of cyberattacks due to the tensions between Russia and Ukraine, and a need to harmonize communications between financial firms and third-party vendors.
A proposed class action lawsuit has been filed against Ohio-based Memorial Health System in the wake of a ransomware attack last August that reportedly involved the Hive cybercriminal gang, resulting in a health data breach affecting nearly 216,500 individuals.
Despite Western governments' increased focus on disrupting ransomware, the quantity of new victims doesn't appear to have declined, at least so far. But multiple experts say that nation-state efforts to combat cybercrime syndicates are still picking up speed and may well yet have an impact.
A hacktivist group named Belarusian Cyber-Partisans says it has successfully attacked the country's railroad systems and encrypted some servers, databases and workstations to disrupt its operations. The group says its aim is "preventing the presence of Russian troops on the territory of Belarus."
"Email security doesn't get the attention it deserves" because "phishing is not going away and is not getting any less," says Jess Burn, a senior analyst at Forrester. She shares best practices for phishing prevention.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.