Supply chain threats are a growing part of the landscape. In a year that included Kaseya, Outlook and SolarWinds, that has never been more clear. But the extraordinarily rapid growth makes predicting future events a little more difficult. Is the spike a one-off based on a single massive event or a new normal?
Former Bank of America CIO David Reilly, who recently joined the boards of Safe Security and Ally Bank, says administrators, employees and third-party vendors add to the risk landscape.
The cybersecurity agency said there is evidence that malicious hackers were able to reverse engineer an update fixing two of the vulnerabilities within 48 hours to create an exploit for unpatched systems.
The U.S.-EU Trade and Technology Council will foster cybersecurity best practices to small- and medium-sized businesses, a group disproportionately impacted by cyber threats.
New guidance from the Cloud Security Alliance aims to support delivery organizations with assessing and managing cybersecurity risks to the healthcare supply chain.
For the last year, several clients of tech vendor ECL have faced a host of patient safety, service issues, outages, and compliance concerns over what they allege were ‘concealed ransomware’ incidents.
A CyberRisk Alliance Business Intelligence survey finds that public sector agencies are concerned about their ability to mitigate third-party security risks.
The bill would require CISA and HHS to enter into a collaborative agreement around improving cybersecurity in the healthcare and public health sectors, with CISA ultimately charged with defining what that means.
A CRA Business Intelligence report points to increased concern over attacks traced to third parties: 66% saw an uptick in third-party security incidents in the last 12 months.
The Lapsus$ extortion group posted screenshots to its Telegram channel Monday night they say prove they breached identity management vendor Okta. The group said the Okta breach was not intended to get data from Okta, but instead leverage the access to Okta to attack Okta clients.