We’ve been writing for a few years now about the dangers of connected medical devices and how the U.S. F.D.A. has sought to increase the security of these devices. Previously, in St. Jude Takes Steps to Secure Vulnerable Medical Implants we covered the security surrounding St. Jude medical devices. We covered how the FDA Seeks Secure Medical Device Development Lifecycle and the FDA Prescribes Safer Path for Connected Medical Devices.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
New data protection laws are cropping up at every pace, as cybercriminals continue to hone their infiltration techniques while the number of data breaches reported by businesses big and small continues to be on the rise.
The annual State of DevOps report is out for 2018 and the study offered up some very strong proof points for the tight relationship between mature DevOps practices and improved security operations.
An enterprise’s first line of defense, experts agree, is the employee. And the first factor of enterprise authentication is the password. It takes a single untrained pair of eyes to fall for a phishing scam to let hackers into an infrastructure.
The importance of a strong enterprise cybersecurity culture to the overall effectiveness of an IT security department can't be understated. It's consistently named by executives as a crucial, if ephemeral, ingredient for cyber risk management success.
Cyber security executives are always looking for ways to keep a step ahead of the bad actors and the latest threats. Emerging technologies such as machine learning (ML) are providing a way to do that, and some IT and security leaders have begun taking advantage of tools that leverage these automated capabilities.
Cloud security has finally become a big-enough blip on IT professionals’ radar to be taken seriously. Almost all respondents in a recent cybersecurity study revealed that their organization has agreed to increase the resources allocated to protecting the company’s assets from bad actors – and to great extent, too.
The General Data Protection Regulation, which took effect in May, has renewed interest in security spending. Gartner projects it will drive 65 percent of buying decisions related to data loss prevention by the end of the year. The focus of the regulation, known commonly as GDPR, is on citizens in the European Union. But its impact is becoming global.
-solution.jpg)
The increase in cloud adoption has significantly impacted the way organizations think about security, in the sense that threat visibility into infrastructures has become mandatory in light of how the threat landscape has evolved. Starting from the premise that threat actors can and will breach infrastructures, organizations need to begin focusing on detecting and responding to these breaches as swiftly as possible to restore affected environments, ensure business continuity, and stay compliant with new regulations.
Cybersecurity is often likened to a cat-and-mouse game, with Jerry a step or two ahead of Tom as the rodent gets up to mischief. That’s because cybersecurity is a cat-and-mouse game. Hackers almost always have the advantage of surprise, while IT departments are left picking up the broken pieces should their defenses fail.
As business-technology systems grow more complex, so does the need to automate essential management and security processes. With hybrid cloud architectures, DevOps management approaches, and continuous software delivery pipelines, organizations need to automate as many processes as they can automate. For those tasks that require little or no deviation, many enterprises are turning to Robotic Process Automation (RPA).
