Whether it's insider or third-party vendor access, organizations are realizing they need to do more with their privileged accounts and systems. But traditional approaches often leave organizations with wide gaps in security. Sam Elliott of Bomgar explains what companies need to look for when it comes to access...
So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.
Organizations should take an "inside-out" approach to mitigating the insider threat, says Brandon Swafford of Forcepoint, who explains the components of that approach in an in-depth interview.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
Federal regulators are reminding healthcare entities and business associates of the serious security and privacy risks that terminated employees can pose and offering advice for mitigating those risks.
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
Eastern European cybercrime is evolving, and some of the latest trends defy conventional wisdom. Moscow-based cybersecurity company Group-IB offers an analysis of some of these changes.
Sweden has ended a seven-year rape investigation against WikiLeaks founder Julian Assange. But it's far from the end of the legal troubles for the man whose spilling of secrets has shaped world politics.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.
The cybersecurity epitaph of the fired FBI director could read: "He showed courage to take on Apple." Comey publicly battled Apple CEO Tim Cook over unlocking the iPhone of the San Bernardino shooter, becoming the face of the proponents who seek ways to bypass encryption on mobile devices.
Here are five cyber-related takeaways from FBI Director James Comey's testimony before the Senate Judiciary Committee, including his rationale on notifying Congress of his decision to reopen the probe of Hillary Clinton's use of a private email server and steps the bureau is taking to defend against the insider threat.
Remember Microsoft's Wi-Fi Sense? A security researcher has discovered how the beleaguered feature in Windows 10 could force an unsuspecting user to automatically connect to a rogue access point.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.