A report on the SEC targeting a Canadian company for fraud, alleging it cheated investors by exploiting a so-called Initial Coin Offering crowdsourcing funding system, leads the ISMG Security Report. Also, an NSA analyst pleads guilty in a case involving storing classified data on his home PC.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
The timing of reporting breaches to law enforcement is important because it could slow down an organization's incident response and internal investigation, says privacy attorney Kirk Nahra.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.
With roughly six months to go before the GDPR enforcement deadline, Petter Nordwall and Anthony Merry of Sophos says it's time for organizations to assess whether "They need to panic a little, or they need to panic a lot."
Federal regulators are reminding healthcare entities and business associates of the serious security and privacy risks that terminated employees can pose and offering advice for mitigating those risks.
A trio of Democratic senators is pushing for passage of a U.S. national data breach notification law. Data breach expert Troy Hunt tells lawmakers that data breaches will only get worse. But will Congress, which has rejected similar measures, enact this latest proposal?
Medical devices are increasingly used by cybercriminals to compromise networks, systems and patient data, says Dr. Jack Lewin of the consultancy Lewin and Associates, who's also chairman of the National Coalition on Health Care. That's why physicians should be advocates for better device security.
The lack of skilled personnel is hampering incident response, but automation can help, says Mike Fowler of DFLabs. Providing responders with "playbooks" for step-by-step incident response processes, for example, is essential, he contends.
Connected medical devices are a significant potential new attack surface that may not be covered by security tools and systems, says Ariel Shuper of Check Point Software Technologies. How can healthcare providers immunize their medical devices against threats before they are compromised?
Centralizing cloud security through security brokers improves data protection and can enable organizations to use more applications, says Gleb Evfarestov of Bitglass.
Cyberattacks are evolving in many ways, including new schemes to steal credentials as well as assaults by lower-skilled hackers using ransomware-as-a-service products, says Eric Rydberg of Sophos.
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
Credit unions offer unique services to a unique member base - and they face unique challenges when rolling out multifactor authentication across all of their banking channels. Michel Nerrant of Crossmatch discusses how new biometric solutions can meet CU needs.
A commentary on the need for developers to be more deliberate in securing IT products leads the latest edition of the ISMG Security. Also featured: A report on Congress tackling voting machine security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.