Careers Information Security Podcast

Because healthcare IT environments are so complicated, it will become essential for all suppliers to provide and maintain a software bill of materials for their products to remain relevant, says Curt Miller of the Healthcare Supply Chain Association.

The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.

The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.

The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.

As healthcare entities set out to better secure cloud application development and management, there are several critical considerations they must not overlook. Key among these: "the need to move to a DevSecOps model in the first place," says Adrian Mayers, CISO of health insurer Premera Blue Cross.

The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.

Sherry Lowe, who has been in senior leadership in the marketing space for over a decade, focuses on not letting metrics kill marketing. She discusses injecting more creativity into cybersecurity marketing strategy and standing out in a market full of look-alikes.

The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.

How serious is the Apache Log4j zero-day vulnerability that was announced to the world on Friday? "It's big," says Sam Curry, chief security officer at Cybereason, which has developed a "vaccine" to help. "I hate hyperbole generally," Curry says. "But it is a 10 on the criticality scale."

The latest edition of the ISMG Security Report features an analysis of how the U.S. military has been "imposing costs" on ransomware groups. Also featured: a twist in the case of the Missouri governor vs. an alleged "hacker," and CyberTheory's Steve King on "why Zero Trust?"

With the support of the recent executive order on improving the nation's cybersecurity, Zero Trust strategy is gaining greater recognition. But there is still a degree of resistance to Zero Trust adoption. Dr, Chase Cunningham, CSO of Ericom, discusses this and other issues around Zero Trust.

Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.

The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.

In this episode of "Cybersecurity Unplugged," Dan Bowden, CISO at Sentara Health, discusses telemedicine, IoMT, and explains why we’re lagging so far behind in healthcare security. "It’s because of how the data is managed, data standards, data integrity."

The latest edition of the ISMG Security Report features an analysis of how organizations can reduce risk especially over holidays and weekends, when attackers are most likely to strike. Also featured: Highlights from Ireland's IRISSCON 2021 cybercrime conference; what's ahead for COVID-19 and the workplace?

Drawing on his deep background in technology, government and law, cybersecurity adviser Tony Scott delves into many pressing issues in cybersecurity today - including zero trust. In this episode of "Cybersecurity Unplugged," he says organizations should get started on the journey now.

Many healthcare entities are resistant to implement multifactor authentication, and that is among the most frustrating critical security mistakes that organizations in that sector make, says Tom Walsh, founder of security consultancy tw-Security.

The latest edition of the ISMG Security Report features an analysis of how cybercriminals are turning to cryptomixing services to conceal the proceeds of ransomware activities from law enforcement officials. Also featured: Criminals exploit a misconfigured FBI server and the future of zero trust.

This is the second episode of "The Ransomware Files," a podcast miniseries focused on stories of resilience in the fight against ransomware. An Australian company, Matthews, saw its backups corrupted and attackers release its data. The company recovered however, and has greatly improved its IT security defenses.

Ari Redbord of TRM Labs, who has had an extensive career in law enforcement, points out that 2020 was a pivotal year for putting cybersecurity on the agenda throughout the government. He discusses securing cryptocurrecy, the blockchain and other elements of the "digital battlefield."