Risk and Security - Information Management Today

Mimecast Acquires Elevate Security to Address Human Risk

Data Breach Today

JANUARY 5, 2024

Company Plans to Enhance Digital Workplace Protection With Behavioral Analytics Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection.

Risk

Risk Analytics Security IT

Experts Say Chinese Safes Pose Risks to US National Security

Data Breach Today

MARCH 14, 2024

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S.

Risk

Risk Manufacturing Security Government

Nagomi Exits Stealth With $30M to Help Manage Security Risks

Data Breach Today

APRIL 25, 2024

Cyber Startup Wants to Enhance Customers' Proactive Management of Security Risks A threat exposure management startup led by an ex-Claroty executive emerged from stealth to help firms proactively manage security risks and improve their defensive postures.

Risk

Risk Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Identity Security and How to Reduce Risk During M&A

Data Breach Today

APRIL 11, 2024

But what about the specific role of identity security? SailPoint's Lori Diesen showcases the value of transitioning to SaaS-based identity security to reduce risk during M&A activity. Cybersecurity occupies a growing priority status in merger and acquisition discussions.

Risk

Risk Security Cybersecurity

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Critical Flaw in R Language Poses Supply Chain Risk

Data Breach Today

MAY 2, 2024

Deserialization Vulnerability Allows for Remote Code Execution A high-risk flaw in R statistics programming language could lead to a supply chain hack, warn security researchers who say they uncovered a deserialization flaw. Security researchers have long known that hackers sneak malicious code into serialized data.

Risk

Risk Security

Alert: Hackers Hit High-Risk Individuals' Personal Accounts

Data Breach Today

MARCH 26, 2024

Cybersecurity Experts Recommend Defenses to Counter Surge in Such Attacks Calling all high-risk individuals: Ensure you're taking adequate steps to secure your personal devices and accounts, as criminals and nation-state hackers increasingly target them instead of grappling with corporate defenses, warned the U.K.'s

Risk

Risk Cybersecurity Security

Addressing Security Gaps and Risks Post-M&A in Healthcare

Data Breach Today

SEPTEMBER 8, 2023

In the aftermath of mergers and acquisitions among healthcare entities - and the resulting IT integration and cost-cutting moves - gaps in technology and skills and other gaps often put organizations at higher risk for attacks and other security incidents, said Jack Danahy of NuHarbor Security.

Risk

Risk Security IT

The Concentrated Cyber Risk Posed by Enormous Vendors

Data Breach Today

MARCH 13, 2024

The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.

Risk

Risk Security IT

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Veracode CEO on Mastering Application Security in the AI Era

Data Breach Today

MAY 2, 2024

New CEO Brian Roche on Application Management and the Role of AI in Managing Risk New Veracode CEO Brian Roche discusses the importance of artificial intelligence in managing application risk, the integration of startup Longbow Security into Veracode's ecosystem, and the convergence of traditional application security with cloud security.

Artificial Intelligence

Artificial Intelligence Security Cloud Risk

DHS Says National Security at Risk as Key Authorities Expire

Data Breach Today

NOVEMBER 1, 2023

DHS Secretary Alejandro Mayorkas Urges Congress to Reauthorize Key Security Powers.

Risk

Risk Security Cybersecurity

ENISA Highlights AI Security Risks for Autonomous Cars

Data Breach Today

FEBRUARY 20, 2021

Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report.

Risk

Risk Artificial Intelligence Manufacturing Security

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

In a keynote address, Omdia’s Eric Parizo, managing prinicipal analyst, and Andrew Braunberg, principal analyst, unveiled an approach they coined as “proactive security.” RBVM solutions don’t merely identify vulnerabilities, it quantifies and prioritizes them, making risk management more strategic. This is a useful way to look at it.

Risk

Risk Security Cloud Marketing

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

And despite your SaaS adoption offering many positives, there is now an exponential increase in IT, security, and business complexity. By focusing on SaaS security posture management, your team can finally accomplish the following: Discover both known and unknown SaaS apps.

Security

Don't Let AI Frenzy Lead to Overlooking Security Risks

Data Breach Today

SEPTEMBER 20, 2023

Successful AI Implementation Requires a Secure Foundation, Attention to Regulations The private sector's frenzy to incorporate generative AI into products is leading companies to overlook basic security practices, a Google executive warned Tuesday.

Risk

Risk Security Cloud

Why Healthcare Entities Fall Short Managing Security Risk

Data Breach Today

OCTOBER 27, 2021

Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.

Risk

Risk Security

Safe Security Buys Cyber Risk Quantification Vendor RiskLens

Data Breach Today

JULY 12, 2023

Acquisition Will Help Safe Security Customers See, Manage, Communicate About Risk Safe Security purchased the creators of the industry's only open standard for cyber risk quantification to improve the visibility, management and communication of risk.

Risk

Risk Security Communications

Hugging Face Vulnerabilities Highlight AI-as-a-Service Risks

Data Breach Today

APRIL 8, 2024

Researchers Say Illegal Access to Private AI models Can Enable Cross-Tenant Attacks Security researchers have discovered two critical vulnerabilities in the Hugging Face AI platform that exposed potential gaps for attackers seeking unauthorized access and manipulation of customer data and models.

Risk

Risk Access Security

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter.

Security

Report Says CISA is Failing to Identify High-Risk Exploits

Data Breach Today

DECEMBER 19, 2023

CISA Failed to Include High-Risk Vulnerabilities in Known Exploit List, Report Says The Cybersecurity and Infrastructure Security Agency maintains an exhaustive list that the U.S.

Risk

Risk Cybersecurity Security IT

Assessing the Security Risks of Emerging Tech in Healthcare

Data Breach Today

SEPTEMBER 13, 2022

Federal Authorities Urge Healthcare Sector Entities to Take Caution A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.

Artificial Intelligence

Artificial Intelligence Risk Security

Secondary Market Medical Device Security Risks

Data Breach Today

AUGUST 10, 2023

Legacy infusion pumps commonly available for purchase on the secondary market often contain wireless authentication and other sensitive data that the original medical organization owners failed to purge, warned researcher Deral Heiland, citing a recent study conducted by security firm Rapid7.

Marketing

Marketing Risk Security Authentication

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

Data Breach Today

APRIL 21, 2021

Agency Says Exploits Pose 'Unacceptable Risk' The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability and three other recently patched flaws in Pulse Connect Secure VPN products.

Risk

Risk Security Cybersecurity

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies. So, what is geopolitical risk? How can you track geopolitical risk?

Risk

Identity Security Clinic

Data Breach Today

MARCH 22, 2024

See Also: When Every Identity is at Risk, Where Do You Begin? Introducing CyberArk’s Identity Security Clinic. Where experts dissect and diagnose your

Security

Security Risk

ISMG Editors: Are Frequently Used Usernames a Security Risk?

Data Breach Today

SEPTEMBER 15, 2023

Also; The 'Quantum Divide'; Global AI Regulatory Trends In the latest weekly update, four editors at ISMG discuss important cybersecurity and privacy issues, including how to keep assets secure in the quantum era, when common usernames pose a cybersecurity threat, and how to strike the right balance between regulation and innovation in AI.

Risk

Risk Security Cybersecurity Privacy

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

JULY 18, 2022

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

Risk

Risk Privacy Security IT

How Secure Is Cloud Storage? Features, Risks, & Protection

eSecurity Planet

JANUARY 18, 2024

When assessing the overall security of cloud storage and choosing a solution tailored to your business, it helps to determine its features, potential risks, security measures, and other considerations. It excels in remote access, scalability, and security, with distributed storage options and privacy adherence capabilities.

Cloud

Cloud Risk Security Encryption

The Unexpected Cost of Data Copies

Unfortunately, data replication, transformation, and movement can result in longer time to insight, reduced efficiency, elevated costs, and increased security and compliance risk. How Dremio delivers clear business advantages in productivity, security, and performance.

Security

Mitigating OT Security Risks: Focusing on Solutions, not Products

Data Breach Today

MAY 25, 2023

Michelle Balderson of OTORIO on How OT Security Is Now Perceived as a Business Risk OT security is being discussed in the board room as attackers adopt the use of AI and automation.

Risk

Risk Security

Using Russian Security Software? UK Says Risks Have Changed

Data Breach Today

MARCH 29, 2022

War Alters Resiliency Requirements, Britain's National Cyber Security Center Warns The Russia-Ukraine war has altered the risks facing organizations that use Russian technology or services, including the increased threat of being directly targeted, as well as disruptions caused by any new sanctions, warns Britain's National Cyber Security Center.

Risk

Risk Security

How to Address Telehealth Cloud Security Risks

Data Breach Today

AUGUST 14, 2020

With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance.

Cloud

Cloud Risk Security Privacy

Reduce Security Risk of Healthcare Legacy Systems, Devices

Data Breach Today

NOVEMBER 1, 2021

HHS OCR: If Old Gear Cannot Be Replaced, Take Other Steps to Protect PHI Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace.

Risk

Risk Security

Report Warns of 'Catastrophic' Medical Device Security Risks

Data Breach Today

DECEMBER 22, 2023

Majority of Connected Medical Devices Contain Critical Vulnerabilities, FBI Says A new GAO report says federal agencies fail to provide health are providers and patients with enough resources and information to address critical vulnerabilities in a majority of medical devices in the U.S.

Risk

Risk Security

The Complexity of Managing Medical Device Security Risk

Data Breach Today

AUGUST 19, 2022

The extremely diverse architectures and systems within the tens of thousands of very specialized types of medical devices used in clinical settings adds to the complexity healthcare organizations and manufacturers face in managing cybersecurity risk for these products, says Phil Englert of H-ISAC.

Risk

Risk Manufacturing Security Cybersecurity

Proof of Concept: Overcoming Open Source Code Security Risks

Data Breach Today

OCTOBER 26, 2023

DXC Technology, Aquia CISOs on Challenges, Best Practices of Managing Code Bases In the latest "Proof of Concept," DXC Technology IT CISO and CyberEdBoard member Mike Baker and Chris Hughes, co-founder and CISO of Aquia, join ISMG editors to discuss benefits, challenges and misconceptions of adopting open source software in modern code bases - plus (..)

Risk

Risk Security IT

Cisco Buys Startup Lightspin to Address Cloud Security Risks

Data Breach Today

MARCH 29, 2023

Lightspin Deal Will Help Prioritize and Remediate Issues for Cloud-Native Resources Cisco plans to purchase its second cloud security startup in two months to deliver context, prioritization and remediation recommendations for cloud native resources.

Cloud

Cloud Risk Security IT

Security Risks of AI

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. The understanding of how to secure AI systems, we concluded, lags far behind their widespread adoption.

Risk

Risk Security Cybersecurity Government

Managing Legacy Medical, OT, IoT Device Risk in Healthcare

Data Breach Today

JULY 26, 2023

While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad Waqas of Armis.

IoT

IoT Risk Security

Safe Security Raises $50M to Bring ML to Risk Quantification

Data Breach Today

APRIL 18, 2023

Generative AI Can Help Nontechnical Executives Better Understand Security Posture A cyber risk quantification startup backed by ex-Cisco CEO John Chambers has raised $50 million to apply ML technology and build more API adapters.

Risk

Risk Security

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Fortunately, effective tools and wise best practices can help mitigate this this exposure enabling companies to indefinitely leverage Exchange Server as a productive, resilient and secure communications tool.

Risk

Risk Cloud Communications Education

Okta to Acquire Spera Security

Data Breach Today

DECEMBER 19, 2023

Okta Says Acquisition Will Expand Its Ability to Detect High-Risk Accounts Okta finalized an agreement to acquire Spera Security, saying the purchase will expand its ability to track risky accounts and access misconfigurations.

Security

Security Risk Access IT

BitSight CEO on Going From Security Ratings to Managing Risk

Data Breach Today

JANUARY 19, 2023

Steve Harvey on Why Boards Want to Understand the Risk Factors, Not Just the Rating Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey.

Risk

Risk Security Government

Mimecast Acquires Elevate Security to Address Human Risk

Experts Say Chinese Safes Pose Risks to US National Security

Webinars

Trending Sources

Nagomi Exits Stealth With $30M to Help Manage Security Risks

Webinars

Identity Security and How to Reduce Risk During M&A

How to Package and Price Embedded Analytics

Critical Flaw in R Language Poses Supply Chain Risk

Alert: Hackers Hit High-Risk Individuals' Personal Accounts

Addressing Security Gaps and Risks Post-M&A in Healthcare

The Concentrated Cyber Risk Posed by Enormous Vendors

5 Early Indicators Your Embedded Analytics Will Fail

Veracode CEO on Mastering Application Security in the AI Era

DHS Says National Security at Risk as Key Authorities Expire

ENISA Highlights AI Security Risks for Autonomous Cars

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Don't Let AI Frenzy Lead to Overlooking Security Risks

Why Healthcare Entities Fall Short Managing Security Risk

Safe Security Buys Cyber Risk Quantification Vendor RiskLens

Hugging Face Vulnerabilities Highlight AI-as-a-Service Risks

Shift Left Security? Development Does Not Want to Own It.

Report Says CISA is Failing to Identify High-Risk Exploits

Assessing the Security Risks of Emerging Tech in Healthcare

Secondary Market Medical Device Security Risks

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

How and Why Should You Be Tracking Geopolitical Risk?

Identity Security Clinic

ISMG Editors: Are Frequently Used Usernames a Security Risk?

Assessing the Privacy, Security Risks of Digital Health IT

How Secure Is Cloud Storage? Features, Risks, & Protection

The Unexpected Cost of Data Copies

Mitigating OT Security Risks: Focusing on Solutions, not Products

Using Russian Security Software? UK Says Risks Have Changed

How to Address Telehealth Cloud Security Risks

Reduce Security Risk of Healthcare Legacy Systems, Devices

Report Warns of 'Catastrophic' Medical Device Security Risks

The Complexity of Managing Medical Device Security Risk

Proof of Concept: Overcoming Open Source Code Security Risks

Cisco Buys Startup Lightspin to Address Cloud Security Risks

Security Risks of AI

Managing Legacy Medical, OT, IoT Device Risk in Healthcare

Safe Security Raises $50M to Bring ML to Risk Quantification

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

Okta to Acquire Spera Security

BitSight CEO on Going From Security Ratings to Managing Risk

Stay Connected