Cybersecurity Leadership: Risk Exposure Awareness

Data Breach Today

CEOs and CISOs on Assessing and Mitigating the New Risk Landscape It might be new, but are we ready to call this "normal?"

Risk 153

Biometric Technology: Assessing the Risks

Data Breach Today

The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments

Risk 198

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Risks Posed by Mobile Health Apps

Data Breach Today

What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis

Risk 218

COVID-19 Risks of Flying

Schneier on Security

This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying. I think that most of the risk is pre-flight, in the airport: crowds at the security checkpoints, gates, and so on. airtravel covid19 riskassessment risksI fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March.

Risk 87

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Securing Remote Access With Risk-Based Authentication

Data Breach Today

Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner

How to Address Telehealth Cloud Security Risks

Data Breach Today

With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance

Risk 147

Third-Party Risk Management Essentials

Data Breach Today

Mark Sangster of eSentire Shares Lessons Learned Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire

Risk 174

Third-Party Risk Considerations During COVID-19 Crisis

Data Breach Today

As healthcare organizations navigate the COVID-19 crisis, they should take critical steps to improve their security posture and third-party security risk governance, says consultant Brenda Ferraro, the former CISO at Meritain Health, an Aetna subsidiary

Risk 179

Managing Open Source Risks

Data Breach Today

But with increased speed comes greater risks, says Chris Eng of CA Veracode, who offers insights on mitigating those risks Chris Eng of CA Veracode on Best Practices Open source and third-party components help developers build and deploy applications faster.

Risk 170

4 Risk Mitigation Principles for the Remote Workforce

Data Breach Today

Jeff Schilling of Teleperformance on Risk Management During COVID-19 Pandemic Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.

Risk 162

OnDemand Webinar | Benchmarking Digital Risk Factors

Data Breach Today

Findings For CISOs From Latest RIsk Surface Report. View this OnDemand webinar and learn about the key dimensions of internet risk surface

Risk 141

Minimizing File Transfer Risk

Data Breach Today

Jeffrey Edwards of Progress Software on Ensuring Privacy File transfers are a significant factor in accidental insider risk. Jeffrey Edwards of Progress Software explains how secure file transfers can help ensure privacy and play a role in regulatory compliance

Risk 125

Risks of Password Managers

Schneier on Security

Stuart Schechter writes about the security risks of using a password manager. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud. In my way of thinking, that reduces the risks of a password manager considerably. passwordsafe passwords riskassessment risks

Malware Risk Higher for Those Working at Home: Report

Data Breach Today

BitSight Study Analyzes Exposure to Botnets, Other Threats The shift to telework due to the global COVID-19 pandemic has raised the risk of exposure to botnets as well as Mirai and Trickbot malware, according to the security firm BitSight

Risk 210

The Risks Posed by Wireless Automotive Dongles

Data Breach Today

Researchers Find Widespread Vulnerabilities in These Diagnostic Devices New research has uncovered widespread vulnerabilities in wireless dongles that plug into a vehicle's OBD-II port. The inexpensive IoT devices have put new power into the hands of consumers to monitor their vehicles or check fault codes, but they could also open up new vectors for attacks

Risk 152

Telehealth App Breach Spotlights Privacy, Security Risks

Data Breach Today

Glitch Briefly Allowed Potential Access to Patient Consultation Recordings A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic

Risk 145

Security Risks of Chatbots

Schneier on Security

Good essay on the security risks -- to democratic discourse -- of chatbots. lies nationalsecuritypolicy propaganda risks

Risk 80

Researcher Describes Risks Posed by Posting Boarding Passes

Data Breach Today

Former Australian PM's Instagram Shot Led to Personal Data An Instagram post by one of Australia's former prime ministers led to a security researcher finding his passport and phone number due to a coding error in a widely used airline ticketing system.

Risk 167

Understanding Your Risk Surface

Data Breach Today

How can they best understand and mitigate their risks? Kelly White of RiskRecon on How to Track What's Being Missed In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. Kelly White of RiskRecon shares insights

Risk 136

Emerging Risk Management Issue: Vendors Hit by Ransomware

Data Breach Today

When a Vendor Gets Hit, Many Customers Can Be Affected Two recent ransomware incidents that targeted companies serving healthcare organizations highlight an emerging vendor risk management challenge in the sector

Risk 147

The State of Integrated Risk Management

Data Breach Today

ServiceNow's Vasant Balasubramanian on Digital Transformation Integrated risk management and compliance offerings are moving to the cloud in a significant way to keep pace with digital transformation, says Vasant Balasubramanian of ServiceNow

COVID-19: Security Risks As Manufacturers Shift Gears

Data Breach Today

As automobile manufacturers and others rush to shift to production of ventilators and other medical equipment and supplies to help fight the COVID-19 pandemic, they must take steps to ensure security, privacy and safety risks are addressed, says technology attorney Steven Teppler

OnDemand Webinar | Integrating Information Risk Management into Business Risk Management

Data Breach Today

Learn about trends in information security risk assessment that align with business risk. This webinar explores communication challenges around information security, the typical journey organizations are taking to bring information risk management into the broader umbrella of business risk management, and the advantages accruing to organizations as they mature their information risk management programs

Risk 117

Analysis: Mitigating Risks in Multicloud Environments

Data Breach Today

Also featured: A ransomware risk management update; tips on disaster planning The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them.

Risk 121

Back to the Office: Managing the Risks

Data Breach Today

Former NSA CISO on Reassessing Security Infrastructure As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency

Risk 147

Solving 3rd Party Cybersecurity Risk

Data Breach Today

Your organization's risk surface may be larger than you think. Your organization's risk surface is larger than you think. How can you get a handle on what risks exist, where they reside, and which ones are most important to resolve immediately

Risk 148

Managing Third-Party Risks: CISO Insights

Data Breach Today

TMF Group's Devender Kumar on Effectively Handling Vendor Risk It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties

Risk 141

HHS Updates Security Risk Assessment Tool

Data Breach Today

But Why Is Conducting a Risk Analysis So Challenging for So Many Organizations? But why is conducting a risk assessment so challenging for so many

Risk 184

FAIR Play: Measuring and Managing Information Risk

Data Breach Today

Creator Jack Jones on the Uptake of His 'Factor Analysis of Information Risk' Model Driven by boards of directors' demand for better risk management practices and insight into the risks facing their organization, demand for frameworks and models to help has been skyrocketing, says Jack Jones, chairman of The FAIR Institute

Risk 125

Future-Proofing for IoT Risks

Data Breach Today

Check Point's Robert Falzon on Preparing for the Changes to Come The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them

IoT 155

CISO Notebook: Putting Frameworks Around Risk

Data Breach Today

Dallas County CISO Michael Anderson on Risk Management and Resiliency Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks

Risk 109

'Ripple20' Flaws in Medical Devices: The Risks

Data Breach Today

And what steps can healthcare organizations take to help mitigate the risks? How do the recently identified "Ripple20" TCP/IP code flaws potentially impact medical devices? Elad Luz of the security research firm CyberMDX, which helped study the vulnerabilities, offers an analysis

Risk 117

Mitigating the Risks Posed by AI Meeting Assistants

Data Breach Today

AI meeting assistants present increasing risks as more companies rely on teleconferencing during the COVID-19 pandemic, says U.K.-based based Steve Marshall, CISO at Bytes Technology, an IT and cybersecurity consultancy, who discusses risk mitigation steps

Risk 153

CISO Notebook: Third-Party Risk

Data Breach Today

Cris Ewell of UW Medicine on Managing Vendor Risks Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk

Risk 117

Analysis: Smart TV Risks

Data Breach Today

The latest edition of the ISMG Security Report offers an analysis of the FBI's security and privacy warnings about smart TVs. Also featured: discussions on the security of connected medical devices and strategies for fighting synthetic identity fraud

Risk 109

Phishing: Mitigating Risk, Minimizing Damage

Data Breach Today

In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage

Mitigating Emerging Risks

Data Breach Today

Chris Testa of Cybereason on Going Beyond Defense-in-Depth As businesses change their key strategies, they must ensure they mitigate new risks that emerge, says Chris Testa of Cybereason.

Risk 130

The NSA on the Risks of Exposing Location Data

Schneier on Security

The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Users should be aware of these risks and take action based on their specific situation and risk tolerance. When location exposure could be detrimental to a mission, users should prioritize mission risk and apply location tracking mitigations to the greatest extent possible.

Risk 75

Why Risk Literacy is Essential for Digital Transformation

Data Breach Today

Start by ensuring that you correctly explain risk to stakeholders, as well as continually benchmark your organization's risk management maturity, says ServiceNow's Barbara Kay ServiceNow's Barbara Kay Talks Maturity and Digital Transformation Project Success Want to maximize your digital transformation project success and impact?