A bipartisan privacy proposal in the U.S. Congress backed by a key Senate Democrat and her House counterpart contains provisions that would place vast swaths of the American economy under new cybersecurity mandates. Support from Sen. Maria Cantwell distinguishes the bill from other recent attempts.
Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
"Quiet quitting" is when employees strictly adhere to their job descriptions and meticulously avoid any tasks that fall outside their defined responsibilities. Here's how employers and employees can prevent it and create a workplace culture that promotes engagement, satisfaction and shared success.
Following Rubrik's announcement that it plans to list on the New York Stock Exchange, another company is considering trying its luck in the public market. Claroty is meeting with underwriters ahead of a possible 2025 IPO that could value the cyber-physical systems security titan at $3.5 billion.
A second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as-a-service group BlackCat claims to have stolen in February. Is this the latest ruse in a messy attack?
Zero trust architecture is a strategic pivot for safeguarding sensitive data. MarketsandMarkets' Rahul Mergu, who recently won ISMG's Dynamic CISO Award for his zero trust implementation, discusses the inadequacies of conventional VPN solutions that pushed him to adopt a zero trust architecture.
Foundations housing seven large open-source projects are banding together ahead of what they say is a nearly impossible 2027 deadline created by Europe's Cyber Resilience Act - the world's first digital supply chain regulation. European Union lawmakers approved the act in March.
Security researchers are warning about a relatively new malware called Latrodectus, believed to be an evolutionary successor to the IcedID loader. It has been detected in malicious email campaigns since November 2023, and recent enhancements make it harder to detect and mitigate.
As recovery from its Feb. 21 cyberattack continues, Change Healthcare and its parent company UnitedHealth Group are facing a growing pile of lawsuits, while health sector entities affected by the IT services disruption are dealing with a mounting stack of bills and other paperwork to catch up on.
In the latest weekly update, ISMG editors discussed key insights on OT security from the Cyber Security for Critical Assets Summit in Houston, the implications of a critical Linux utility found to have a backdoor, and a CISO's perspective on comprehensive cloud security strategy.
As Web 3.0 gains momentum, it poses major risks - economic uncertainties, cyberthreats and communication challenges, said RAID Square CEO Sébastien Martin. "There is a lot of regulation, and if you're not respecting the regulation, there is a lot of risk in terms of reputation," he said.
As organizations embrace digital transformation, software security challenges have become increasingly complex. Adriana Freitas, director of the European Foundation Anti-Phishing Working Group, offers insights on the imperative role of DevSecOps in modern cybersecurity practices.
Besides not doing cyberthreat modeling at all, some the biggest mistakes medical device manufacturers can make are starting the modeling process too late in the development phase or using it simply as a "paper weight exercise," said threat modeling expert Adam Shostack of Shostack & Associates.
The European Data Protection Board guides the harmonization of regulations across 27 EU member states. EDPB Chair Anu Talus sheds light on the board's mission and the transformative impact of the General Data Protection Regulation since its inception in 2018.
The Energy Department is hoping to catalyze next-generation solutions to cybersecurity vulnerabilities in the energy sector by funding the creation of university-based cyber energy centers nationwide that will bring together private sector partners and the future of U.S. cyber talent.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.