The U.S. Department of Health and Human Services on Wednesday released a sweeping strategy document proposing how the Biden administration intends to push the healthcare sector - through new requirements, incentives and enforcement - into improving the state of its cybersecurity.
A New York medical imaging services provider is notifying nearly 606,000 individuals that their information was potentially accessed and copied in a recent hacking incident. The entity is one of several medical imaging centers that have reported major hacking breaches in recent weeks and months.
The recently released National Security Policy emphasizes building cybersecurity resilience in the Philippines. To do this, businesses must focus on protecting identity, push for cybersecurity education and protect critical infrastructure from external cyberattacks, said CISO Charmaine Valmonte.
On Nov. 8, Tenable Chairman and CEO Amit Yoran wrote a letter to Congress in support of CISA. In this episode of "Cybersecurity Insights," Yoran calls the agency the "primary focal point of our defensive efforts" and discusses why the country needs to stay unified on defeating cyberthreats.
Seoul police have accused the North Korean hacker group Andariel of stealing sensitive defense secrets from South Korean defense companies and laundering ransomware proceeds back to North Korea. The hackers stole 1.2TB of data, including information on advanced anti-aircraft weapons.
A large, Seattle-based surgical group is notifying nearly 437,400 individuals that their information was potentially compromised in a ransomware and data theft incident earlier this year. The breach is part of a larger, disturbing trend in the healthcare sector in 2023.
A bipartisan group of lawmakers urged the Biden administration to consider intensifying restrictions on semiconductor sales to Chinese companies in a bid to ensure that U.S. remote-sensing technology doesn't aid Beijing's national security efforts.
British Conservative lawmakers are pushing ahead with legislation modifying the U.K. codification of European privacy law despite objections from privacy advocates and concerns about the legislation's impact on European trade. Government backers say the bill will bolster the domestic AI industry.
The Indian government has exempted the national Computer Emergency Response Team from providing information to citizens under the Right to Information Act. Industry experts believe the move may dilute the agency’s public accountability and transparency.
The United States on Thursday sanctioned North Korean cyberespionage threat actor Kimsuky, known for its social engineering campaigns against targets it suspects of holding intelligence on geopolitical events and negotiations affecting the Hermit Kingdom.
New Jersey-based hospital group Capital Health is dealing with a network outage, caused by a cyberattack earlier this week, which is affecting some patient services. Capital Health is at least the second healthcare provider in the Garden State responding to a cyberattack this week.
New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.
In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
Procurement experts testified to the House Subcommittee on Cybersecurity, Information Technology, and Government Innovation on Wednesday that government requirements leave too many unanswered questions and ambiguities for federal agencies when it comes to implementing SBOMs.
The Japanese space exploration agency is investigating a cyberattack this summer that reportedly targeted an Active Directory server. Police detected the attack and alerted the space agency, which claims hackers did not access any personal information.