Application threat modeling enables the systematic evaluation of applications from an attacker's point of view, says Fouad Khalil of SecurityScorecard.
Why do CISOs need to continue to pay attention to perimeter security? Adam Bixler of Netscout Systems provides insights on the importance of countering rapidly evolving perimeter attacks.
Will the newly introduced Data Care Act prove to be a viable U.S. equivalent to the EU's General Data Protection Regulation, or is it destined to fail? An analysis leads this edition of the ISMG Security Report, which also features reports on robotic process automation and Mastercard's "fusion center."
Security operations centers are the hub for an organization's threat detection. But organizations can take a number of steps to improve SOC operations, says Kerry Matre of Palo Alto Networks.
In the latest in a series of HIPAA enforcement actions taken by states this year, Massachusetts Attorney General Maura Healey's office has signed a $75,000 consent judgment with McLean Hospital, a psychiatric facility, in connection with a breach that affected 1,500 individuals.
Facebook violated consumer protection law by failing to protect personal data that consumers thought they'd locked down, the District of Columbia alleges in a new lawsuit. Plus, Facebook is disputing a New York Times report that it ignored privacy settings and shared data with large companies without consent.
Several recent health data breaches point to the need to better mitigate the risks posed by email. Why do these incidents keep happening, and what can be done to help prevent them?
A large health insurer in Western Australia shared the home addresses of some psychologists to a web-based appointment booking service, according to a news report. The health insurer belated realized after a complaint from one practitioner that some psychologists work from home.
Federal regulators and medical device maker Medtronic have issued alerts about the lack of encryption on certain cardiac programming devices that could potentially allow inappropriate access to patient information.
Twitter says that an unspecified number of its users may have been targeted by state-sponsored hackers seeking to unmask their identity. Separately, Trend Micro says Twitter has blocked an account that was posting image memes designed to remotely control malware-infected PCs.
DigiCert just conducted a global study of how organizations across sectors are approaching IoT security. What are some of the best practices of the organizations that emphasize securing connected devices? Mike Nelson of DigiCert shares the findings.
In the aftermath of the Marriott breach, it's fair to characterize Gartner's Avivah Litan as mad as hell and not wanting the U.S. to take it anymore. Going into 2019, Litan has policy and technology recommendations for national cyber defense.
Ireland's privacy watchdog is probing data breaches at Facebook that exposed users' private data. In the latest breach to be disclosed, Facebook has warned that for a 12-day period in September, up to 6.8 million users' private photos may have been revealed to 1,500 apps built by 876 developers.
For the second time this year, health insurer EmblemHealth has been hit with a state financial penalty in connection with a 2016 breach that exposed Social Security numbers on mailings to more than 81,000 plan members.
Organizations are increasingly moving their mission-critical applications and data to Amazon Web Services (AWS) and taking advantage of the massive compute power of Amazon Elastic Compute Cloud (Amazon EC2).
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.