The healthcare sector stands at a crossroads where innovation and technology are drastically reshaping patient care, yet simultaneously, it faces the increasing challenge of protecting sensitive patient data. As healthcare organizations adopt advanced technologies like electronic health records (EHRs), telemedicine, and AI-driven diagnostics, the need for robust cybersecurity measures becomes paramount.

In today’s complex cloud environments, security and engineering teams need to manage vulnerabilities and misconfigurations across multiple layers of the stack, including cloud resources, clusters, containers, and applications. Often, this results in a lengthy list of problems that lacks prioritization and is daunting for users to address.

As the digital revolution has unfolded, the dramatic increase in the amount of code written, borrowed, and bought means that the attack surface has also increased dramatically. Software proliferation creates challenges for teams that must keep up with innovation while also securing their software.

Lurking in the open source software (OSS) that pervades applications around the world are open source security risks technology leaders must be aware of. Software is one of technology’s most vulnerable subsets with over 70% of applications containing security flaws. Here are the open source security risks IT leaders must be aware of to protect technology and help it scale safely.

In the fast-paced world of cybersecurity, change is not only constant but crucial. The New York Department of Financial Services (NY-DFS) demonstrated that principle on Nov. 1, 2023, when it completed a sweeping set of updates to its cybersecurity regulation. If you find yourself apprehensive about these changes, fret not — I’m here to guide you through the process and to provide a comprehensive plan for successfully meeting the new regulations.

In organizational risk management, Risk Tolerance and Risk Appetite are two fundamental concepts. These concepts are applied in areas such as business investing, decision making, cybersecurity risk management, and overall finance. While these concepts complement each other, they do have different meanings. A simple distinction is this: And there’s a bit more to it.

As the world of digital payments evolves rapidly, staying ahead in terms of security standards is paramount for any business handling cardholder data. The introduction of PCI DSS 4.0 brings significant updates and enhancements aimed at strengthening payment security and overall cybersecurity in an increasingly complex cyber landscape.

One of the most common industries to face high-profile cybersecurity incidents is healthcare. The healthcare industry is a prime target for cybercriminals due to the vast amount of healthcare data, critical services provided, and the large scale of hospitals, private practices, and clinics. The healthcare sector can significantly enhance its cyber resilience and avoid potentially damaging cybersecurity incidents by implementing a reliable cybersecurity software solution.

Author: Owen Denby, General Counsel, SecurityScorecard On October 30, 2023, the SEC charged both SolarWinds and their CISO Tim Brown with defrauding investors, by failing to make disclosures about cybersecurity issues and vulnerabilities related to the massive nearly two-year long “SUNBURST” hack of the company.