In an in-depth interview, John Halamka, M.D., the former long-time CIO at Beth Israel Deaconess Medical Center in Boston, discusses his upcoming move to head Mayo Clinic's global digital health initiative in collaboration with Google - and why privacy and security are so critical to those efforts.
Singapore's recent order requiring Facebook to label a blog critical of the ruling government as "false" has drawn harsh criticism. And the action calls into question how the country's new Protection from Online Falsehoods and Manipulation Act might be used to suppress free speech.
The FBI has a new suspect in its sights, and there's one in nearly every home: smart TVs. It warns consumers to be wary because the devices can pose privacy and security threats - an unsecured smart TV could be the avenue hackers use to gain access to a home network.
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to Blackberry Cylance. Analysts have observed evidence of the threat actors attempting to deliver ransomware with the 'PyXie' Trojan.
Organizations that suffer a security incident must be prepared to rapidly respond. Here are eight incident response essentials they must follow, from executing their breach response and notifying stakeholders to activating external service providers and working with regulators.
German software giant SAP has apologized after a software update mistakenly assigned higher-level privileges to some users within New Zealand's firearms buy-back database, exposing personal details for gun owners. The system has been shut down by police.
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.
This year's Black Hat Europe conference in London features dozens of briefings touching on a wide variety of topics, including exploiting contactless payment and Bluetooth vulnerabilities, identifying vulnerable OEM IoT devices at scale and running false-flag cyberattacks.
Researchers uncovered an unsecured database belonging to TrueDialog, a business SMS texting solutions provider, which exposed data on millions, including text messages, names, addresses and other information, according to a report by VPNMentor researchers. The database has since been closed.
While there is little doubt that cybersecurity audits provide an additional layer of assurance, security practitioners often question their effectiveness. So, what are the ways to ensure the relevance of these audits?
Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services.
The latest edition of the ISMG Security Report discusses new combination ransomware and doxing attacks. Plus, Twitter drops phone numbers in 2FA, and why we need to consider quantum cryptography today.