Cyberattacks in the healthcare industry show no signs of abating. In 2018, 15 million healthcare records were breached. Alarmingly, in the first half of 2019 alone, 32 million healthcare records were compromised as a result of multiple incidents including the American Medical Collection Agency (AMCA) breach. At AMCA, 24 million patient records were affected when an unauthorized user accessed systems that contained sensitive information like SSN, provider names and medical information.

Sometimes your best intentions are thwarted by technology. That was the case when Thom Langford and I attempted to do a Q&A session after our webinar “Modern Skills for Modern CISOs.” Unfortunately, the session ended before we got the chance to answer the questions that the audience had submitted. The silver lining is that we had the chance to write our answers thoughtfully instead of answering them on the spot.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A great choice in the news this week. I have to start with a huge breach of another hotel chain with the added misfortune that it also reaped US military bookings. Ouch.

Corporate espionage is espionage conducted for commercial or financial purposes. Corporate espionage is also known as industrial espionage, economic espionage or corporate spying. That said, economic espionage is orchestrated by governments and is international in scope, while industrial or corporate espionage generally occurs between organizations.

As cybersecurity measures are improving day by day, threat actors are also being sophisticated and creating high profile attacks to evade modern defense systems. These attacks result in generating major incidents, which are the highest-urgency and highest-impact incidents that can affect too many individuals or/and companies at the same time depriving critical data or hampering critical business operations.

October is Cyber Security Awareness month, and a good time for organizations and anyone who uses the Internet (yes that means everyone) to review security best practices, for a safer user experience. Based on the current state of the Internet, here are our best tips for a better online browsing experience, for website guardians and end users.

Operations security (OPSEC) is a process that identifies friendly actions that could be useful for a potential attacker if properly analyzed and grouped with other data to reveal critical information or sensitive data. OPSEC uses countermeasures to reduce or eliminate adversary exploitation.

Third-party vendors are an important source of strategic advantage, cost savings and expertise. Yet outsourcing is not without cybersecurity risk. As organizations' reliance on third-parties grow, so too does their exposure to third-party risk and fourth-party risk. In fact, a recent HSB survey found nearly half of data breaches in 2017 were caused by a third-party vendor or contractor.

“How do I enable GitOps for my network policies?” That is a common question we hear from security teams. Getting started with Kubernetes is relatively simple, but moving production workloads to Kubernetes requires alignment from all stakeholders – developers, platform engineering, network engineering, security. Most security teams already have a high-level security blueprint for their data centers.