In the 2015 Anthem data breach, the compromise of an adminstrator’s credentials was the initial entry point that caused the breach and exposure of 13.5 million patient records. High-profile, high-impact breaches like this are spurring healthcare enterprises to institute more cybersecurity defenses and to monitor the insider threat.
Your company may think it has adequate insurance coverage for a network breach, but there’s a good chance that it does not. According to the findings of a recent UK government report, over half of the companies surveyed thought they had the right coverage in place, while only 10 percent actually did. Another sizable group of those surveyed responded that they had no idea which of the many cyber risks facing their company even could be insured.
Organizations that have suffered a ransomware attack before are more likely to pay up again, and keep mum about it too, according to a ThreatTrack study.
This month’s column takes over where we left off in April, bringing to a close our Top 10 list of widely held cybersecurity myths. This month’s list should prove no less provocative.
The 2015 RSA Conference provides security professionals access to myriad keynotes, educational sessions and solutions for today’s cybersecurity risks. Whether you’re headed to San Francisco for the conference April 20-24 or you’re observing cybersecurity trends from your office, here is a sampling of some of the trends, products and services showcased at this year’s event.
Cyber-attacks are escalating in their frequency and intensity, and pose a growing threat to the business community as well as the national security of countries.
Security professionals are unable to keep pace with cybersecurity threats against companies as external and internal threats mushroom from both known and emerging technologies, according to a Trustwave survey.
The Massachusetts Institute of Technology is starting a new research effort to help CISOs better manage cybersecurity within critical infrastructure companies. Exxon Mobil Corp. and Schneider Electric SE are early members of the consortium, according to MIT.
Only 20 percent of payment card-accepting companies complied with the full set of international security standards in 2013, according to a new report from Verizon. The 2014 PCI Compliance Report looked at how hundreds of retailers, hospitality companies, financial service firms and other organizations followed the standards established by the PCI Security Standards Council.
We have been following the same cybersecurity approach, more or less, for over a decade. Yet, most everyone agrees that the problem continues to grow worse. Perhaps we are not on the right course. Maybe we are operating on false assumptions. The following list (to be continued in next month’s column) is meant to promote a dialogue about what, in my view, are widely held cybersecurity myths.