In the past decade, we've witnessed amazing advancements in medicine. Our lives are being not only enhanced but extended as new treatments, medications, and technologies come to market every month. Still, it's not just medical abilities that are rapidly improving; it's also the technology that drives the management and delivery of healthcare. This includes everything from the technology now behind a simple visit to the doctor’s office, new healthcare devices, and monitoring technologies, to the electronic sharing of patient medical information among far-flung doctors and specialists.
Healthcare organizations are still looking for a cybersecurity cure or at the very least an effective security management regimen. As we covered recently, Healthcare continues to be a prime target for cyber attacks. That post was based on a survey conducted by the non-profit global advisory organization HIMSS and found that most healthcare organizations had experienced a significant security incident in the previous year.
When it comes to managing cybersecurity risks, too many enterprises today remain focused on doing little more than making sure their baseline compliance and security controls are in place. They’ll check the boxes: Passwords more than 8 characters with two numbers and a special character? Check. Firewall? Check. VPN? Check. Antimalware? Check.
Since the rise of eCommerce in the late 1990s, enterprises have sought ways to improve the security of their software. Urgency to improve application security came when there was a wave of exploits and automated attacks in the form of worms and exploits started to hit.
Recently the ISACA (Information Systems Audit and Control Association) and the Digital Manufacturing and Design Innovation Institute (DMDII) together conducted a survey that aimed to pinpoint the current cybersecurity challenges faced by the manufacturing industry. According to the ISACA and the DMDII, the survey highlighted how manufacturers face real security concerns when it comes to finding adequate cybersecurity workers, funding the right level of cybersecurity budget, and securing the internet of things (IoT)-integrated devices.
Earlier this year, Quantum computing took another big step out of the laboratory and toward commercial viability with the release of the IBM Q System One. Last year Google announced its ‘Bristlecone’ Quantum Computing Chip.
While the U.S. Federal government is running (for now) again, there remains a concern that the partial shutdown will have a long-term impact on the cybersecurity readiness of the nation.
The promise was that cloud computing would simplify enterprise business-technology. Enterprise users would be able to focus on their applications and services while leaving the deeper security issues associated with infrastructure and secure delivery and management of applications to the cloud provider. It didn’t exactly turn out that way.
In the modern enterprise, APIs are both the keys that unlockdata and the glue that makes system integration possible. But how steep are the associated security concerns APIs create?
Privileged accounts are those accounts you most definitely never want to lose control over. These accounts include what used to be commonly called “superuser” accounts, those accounts that provide the highest level of access to a system, such as a server, local endpoints, and others. You can consider privileged accounts to be like administrative accounts that provide a higher level of access, typically to configure, manage and otherwise support a system. These types of accounts are often unrestricted, or lightly restricted.
When it comes to securing a public cloud infrastructure, many organizations are under the impression that the workloads they run are secured by their cloud services provider. This just isn’t so, and the lackadaisical attitude has resulted in a number of high-profile breaches, including the exposure of 1.8 million records pertaining to U.S. voters.
Despite regulatory mandates and years of costly data breaches in the healthcare industry, a recent survey found that less than one-third of healthcare organizations say they have a comprehensive cybersecurity program in place.
