George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
Researchers at the security firm Tenable uncovered a vulnerability in a Siemens software platform used to manage industrial control systems, and Siemens has issued a patch. The same platform was exploited during the Stuxnet attack a decade ago.
A cybersecurity vulnerability discovered in open source software used by organizations conducting genomic analysis could potentially have enabled hackers to affect the accuracy of patient treatment decisions. But the vulnerability was patched before hackers took advantage of it, researchers believe.
An effective third-party risk management program starts with asking the right questions, says Brad Keller, chief strategy officer and senior vice president at the Santa Fe Group, a strategic advisory company, who spells out key issues to address.
Bipartisan healthcare legislation that a Senate health committee passed on Wednesday includes a provision that would incentivize healthcare entities to adopt "strong cybersecurity practices" by encouraging federal regulators to consider organizations' security efforts when making HIPAA enforcement decisions.
Cloudflare was unsparing in its criticism of Verizon over a BGP snafu that hampered 15 percent of its global traffic, as well as traffic of Amazon and Google. Verizon's error underscores that much heavy lifting remains to make critical internet infrastructure secure.
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
Third-party risk has emerged as one of 2019's top security challenges, and the topic was the focus of a recent roundtable dinner in Charlotte. RSA's Patrick Potter attended that dinner and shares insight on how security leaders are approaching this aspect of digital risk management.
ISMG's Healthcare Security Summit, to be held in New York on June 25, will feature a top-notch roster of expert speakers, including regulatory and law enforcement authorities, CISOs from leading healthcare provider organizations and technology thought leaders.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
Organizations across all sectors feel the cybersecurity skills gap. But Austin Murphy of CrowdStrike says it's not just skills - it's a capacity gap. He shares insight on how organizations can help bridge these divides.
Infosecurity Europe returns to London June 4-6, featuring more than 230 sessions over three days covering a range of topics, including application security, automation, data protection, risk management, incident response and threat analysis. Here's a preview of 11 hot sessions.
On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.