Healthcare technology has made leaps and bounds in terms of its ability to improve patient outcomes, and yet many technologies are being deployed before security concerns can catch up.
Email, which is too easily spoofed, phished or taken over, remains a leading cybersecurity risk. But finally, after years of pushing, the Domain-based Message Authentication, Reporting and Conformance standard, or DMARC is helping to bolster email security, says Phil Reitinger, CEO of the Global Cyber Alliance.
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
Organizations must consider using privileged access controls throughout their entire "stack" of applications, as well as during the app development stages, says Andy Givens of CyberArk.
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
Managing privileged access is a much bigger and more complex job today than it was even just a few years ago, says Scott Walker of Bomgar Corp., who offers insights on factors to consider.
To be successful, the quest to mitigate insider threat risks must start at the time employees are hired and continue as they move into different positions requiring varying degrees of data access, says Suzanne Widup of Verizon Enterprise Solutions.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
In response to nation-state attackers targeting its account users, Google reportedly is planning to offer stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
Two dozen federal agencies continue to experience security weaknesses in five critical areas, putting government systems and data at risk, according to a new watchdog agency report. But which agency spends the most on IT security?
A federal criminal case alleges that a former Hewlett-Packard Enterprise Corp. employee shut down Oregon's Medicaid information systems for several hours after he was laid off. Some security experts caution organizations to take steps to minimize risks from workers who are laid off or fired.
A zero-day vulnerability in Apple's built-in password manager can be exploited, allowing attackers to steal all stored credentials in clear-text format, a security researcher warns. The flaw affects the latest version of macOS - High Sierra - plus one or more prior versions.
A former systems administrator who worked at a Pennsylvania clinic group for only about three weeks has been sentenced to 27 months in prison in a case involving wire fraud and hacking computers. The case highlights the importance of managing administrative credentials, especially when employees leave.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, offers insights on key steps organizations should take to avoid becoming the next breach victim in the headlines.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.