Over the past few months, millions of workers have turned their homes into their new, remote office, including state government employees, which brought a host of risks through use of unsecured Wi-Fi and poor access controls. This shift toward home as well as the underlying panic brought on by COVID-19 altered hackers’ focus and targets aimed at the remote worker. Chief Information Security Officers (CISO) preparing their companies for this change require time, training for employees and the right technology, as well as increased cooperation between the security teams and IT/network operations groups.
In her “Top Breaches of 2019”, a security journalist asked if last year would “…be the worst on record?” It looks like 2020 could surpass last year’s breaches, but it’s not entirely due to consequences of the global pandemic. For sure, unprecedented levels of remote working has emboldened hackers to exploit new vulnerabilities, but there’s one very insidious risk that shows up year after year: the silent and unwitting exposure of sensitive data that no one notices… until it’s too late.
Regardless of the exact wording of The CMS Interoperability and Patient Access final rule, it’s clear that healthcare executives will be spending considerable time this year thinking about, planning for, and implementing technologies that support healthcare data exchange.
The offices of the Chief Information Security Officer and the Chief Digital Officer have the biggest part to play in protecting consumers perception of a brand, but they couldn’t be more opposite in their objectives and operations. CISO’s are tasked with keeping the unknown users out. Their primary focus has been making sure internal users such as employees, contractors and vendors are properly vetted and authenticated. CDO’s are seeking to invite as many unknown users (prospects) in as they represent new business. Having said that, what would happen if the CISO and CDO partnered more closely to protect those unknown users (prospects) and improve their online experience?
When it comes to PKI, leaders have two options: build it or move it to the cloud. PKI as-a-Service (PKIaaS) platforms are becoming a popular investment choice that provide all the benefits of a privately rooted PKI, but without the cost and complexity of running it in-house. PKIaaS providers can deliver a much more effective, and ultimately more secure, PKI than most enterprises can achieve on their own. Regardless of whether the choice is to build or buy, teams must consider six key requirements to ensure in-house or out-sourced PKI success – and digital identity security.
DefenTec began as a managed services provider (MSP) before transitioning into a managed security services provider (MSSP). Now, in addition to optimizing their clients’ data environments through managed services, IT support and consulting, and cloud computing, DefenTec also fortifies them through a full range of managed security services, including secure Wi-Fidesign, network audits, and of course, password management. How does DefenTec use KeeperMSP to further guard their clients from cyberattacks?
The COVID-19 driven shift to remote working coupled with accelerated digital transformation poses significant challenges to enterprise cybersecurity operations, widening the threat landscape and exposing enterprise networks, devices and data to increasing cybersecurity risk. Unmanaged devices, shadow IT and rapidly deployed remote access networks have all introduced emerging vulnerabilities that are being exploited by cybercriminals, making securing the enterprise even more difficult for CSOs and their teams.
COVID-19 has initiated a whole new host of cybersecurity threats. Twitter was one of the latest victims, its employees allegedly being targeted so that hackers should take over the accounts of certain verified users. And just before that, a June 25 story in The New York Times detailed the way in which a foreign entity is attempting to infiltrate American business by taking advantage of remote employees whose organizations – more than 400 million worldwide – use virtual private networks (VPNs).
There is a lot to consider when deciding on new fire alarm technology. Whether you are installing a new fire alarm system or adding to an existing system, flexibility is a crucial consideration in order to prepare for future building requirements and/or technology changes. Adaptations and technology upgrades to satisfy changing code regulations can often be the most significant expenses associated with life safety systems after installation. It is important to learn how your system can handle these adaptations and how much it will cost to upgrade and maintain your new system. Learning the difference between proprietary and non-proprietary fire alarm systems will help you to avoid unnecessary expenses during upgrades or expansions.
By looking at hospitals – and the resulting mad scramble and actions they took to protect their patients – there are four lessons that can be distilled to help those in the thick of a spike or for those planning for the next surge.
RSS
