The Office of Management and Budget issued the first-ever governmentwide guidance for mitigating risks associated with the federal use of artificial intelligence, including specific actions agencies must complete within a year to help ensure the responsible use of emerging tools and technologies.
What will it take to rid the world of SQL injection vulnerabilities, which remain too easily exploitable by attackers for ransacking databases and worse, despite having been classified as "unforgivable" for nearly two decades? U.S. government cybersecurity officials have thoughts.
The transition to a career in cybersecurity is not just a change of professional direction; it represents a commitment to defending the digital world. Here's how you can get the critical technical skills needed to fill the 4-million-job shortfall and protect our interconnected world.
Proposed federal sticks and carrots to incentivize the health sector to implement stronger cybersecurity standards are already meeting opposition from some industry groups that say financial help is welcome but payment penalties for perceived laggards likely will do more harm than good.
The European Commission will scrutinize Meta's pivot to a subscription model in response to a string of rulings from data protection boards limiting the social media giant's ability to legally collect user data. Europe announced a slew of investigations into American big-tech companies.
After suffering a data breach, organizations that work closely with regulators and cybersecurity officials will be treated with greater leniency if their case results in penalties and a fine, says new guidance on data protection fines published by the U.K. Information Commissioner's Office.
If we proactively tackle the complexities of the AI revolution, we can ensure that it serves as a catalyst for innovation rather than a source of displacement. With thoughtful planning and inclusive policies, the integration of AI into the professional world can enhance human potential.
A Russian hacking group is targeting German political parties as part of a Moscow-backed espionage campaign. The latest APT29 campaign marks the first time the group has been seen targeting political organizations, according to researchers at Mandiant.
A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
In the latest weekly update, four editors discussed ISMG's plans for in-depth and diverse coverage at the 2024 RSA conference, the latest guidance on web trackers from federal regulators and the latest forecasts on quantum computing - and why security teams should care.
Chief information security officers are challenged with building high-functioning cybersecurity teams amid an impossible labor and skills market. Here are strategies they can use to assemble teams capable of defending their organizations against the myriad of cyberthreats they face daily.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
Fraudsters increasingly focus on synthetic entity fraud because forming a corporation requires few verification checks. This lack of rigorous verification by business registrars has led to an explosion in fake companies, said Andrew La Marca at Dun & Bradstreet.
Cybersecurity startups are wary of the public markets following a hard economic reset that made profitability more important than growth and performance more important than potential. Due to this dramatic shift, lots of cybersecurity startups want to file for an IPO, but nobody wants to go first.
Federal regulators have issued updated guidance about web trackers on patient portals or other health-related websites, saying that collecting and disclosing certain information - such as device IP addresses - does not necessarily pose HIPAA violations, under some circumstances.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.