A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.
At least some of the alleged cybersecurity vulnerabilities in St. Jude Medical cardiac devices that were found by research firm MedSec Holdings don't necessarily translate to serious clinical risks for patients, says medical device security expert Kevin Fu.
Data centers are difficult to defend, and securing the perimeter is important but of little consequence if attackers get inside. But there are ways to lock down data centers, former White House strategist Nathaniel Gleicher explains in this interview.
The way the U.S. federal government funds information technology served as a major contributor to last year's breach of computers at the Office of Personnel Management that exposed 21.5 million records, says Federal Chief Information Officer Tony Scott.
Intelligence agencies sometimes seek out and develop exploits for the very technology that their nation's organizations rely on to secure their data. In an interview, cybersecurity expert Alan Woodward offers insights on how information security professionals should respond.
In an interview, Internet pioneer Vint Cerf says he sees a secure future for the network of networks he helped create four decades ago as the co-developer of TCP/IP, the protocol that facilitates internet communications.
A report on an FBI warning to state election officials that their IT systems could be hacked leads the latest edition of the ISMG Security Report. Also, Australian officials mull bitcoin technology to secure elections.
A report exploring how some organizations have been stockpiling bitcoins to use to pay off attackers if, or when, they become victimized by ransomware attacks leads the latest edition of the ISMG Security Report.
The process of managing software vulnerabilities inside the enterprise is complicated by the sheer number of patches that must be assessed, applied, tested and rolled out, says Wolfgang Kandek of Qualys, who offers suggestions on how to better focus those efforts.
Many organizations take months or years to discover they've been victimized by breaches because they lack experienced cybersecurity personnel, says employment researcher David Foote. The "maturing of the workforce" will take considerable time, he says in an interview.
Security spending - as a percentage of IT budgets - in recent years has been getting out of hand, says Chris Richter of Level 3 Communications, who offers suggestions for how to better keep costs under control.
Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
Sam Lodhi, director at niche services firm IBRS, speaks about adapting biological cybernetics to help management understand information security risk better and how cybernetics can be applied to other verticals.