COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

Attackers with physical access to the printers could access admin passwords in clear text. (Source: Konica Minolta)

COVID Delays Patching of Vulnerable Konica Minolta Printers

Mihir Bagwe • May 13, 2022

Hundreds of thousands of Konica Minolta printers used in businesses have reportedly been vulnerable to three critical flaws since 2019. Although a patch was available, deployment was delayed as the firmware update required physical access to the printers and COVID-19 made that difficult.

Access Management

OT-IT Integration Raises Risk for Water Providers, Experts Say

Latest

Endpoint Security

Medical Devices: Tackling 3rd-Party Component, Software Risk

Marianne Kolbasuk McGee • March 22, 2022

The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification firm UL.

Governance & Risk Management

Exclusive: Interview with HHS OCR Director Lisa Pino

Marianne Kolbasuk McGee • March 21, 2022

The Department of Health and Human Services has an ambitious regulatory agenda in the months ahead and plans for strong enforcement of HIPAA violations, says Lisa Pino, director of the HHS Office for Civil Rights, in an exclusive interview. She also discusses evolving breach trends.

Access Management

2 Healthcare Hacking Incidents Affect 310,000 Patients

Marianne Kolbasuk McGee • March 9, 2022

An Alabama clinic and an Indiana-based orthopedic practice have each reported hacking incidents discovered last fall that affected the information of more than 310,000 individuals in total. Both entities list various measures they are taking to bolster security in the wake of those incidents.

Endpoint Security

9 Essentials for Global CISOs During Russia's Ukraine War

Mathew J. Schwartz • March 3, 2022

As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.

Fraud Management & Cybercrime

Preparing the Entire Workforce for Devastating Cyberattacks

Marianne Kolbasuk McGee • February 8, 2022

It is essential that entities across all industries - and especially in healthcare - better prepare every type and level of worker on how to respond to potentially devastating ransomware attacks, says privacy and security attorney Erik Weinick of law firm Otterbourg PC.

Endpoint Security

Bill Requires Medical Device Makers to Enhance Cybersecurity

Marianne Kolbasuk McGee • April 5, 2022

Bipartisan legislation proposed in the U.S. Senate and House aims to strengthen healthcare sector infrastructure by requiring medical devices manufacturers to implement critical cybersecurity measures for the regulatory premarket approval process and life cycle of their products.

Fraud Management & Cybercrime

Survey: State of Security Automation in Financial Services

Tom Field • April 1, 2022

When it comes to advanced threat response, 42% of financial institutions say their current abilities are average. Only 35% say automation currently plays a strong role. Josh Zelonis of Palo Alto Networks and Sid Srivastava of Accenture analyze the State of Security Automation in Financial Services.

Access Management

Why Access Governance Is Crucial For Strong Cybersecurity

Isa Jones • April 1, 2022

If an organization doesn’t know who is accessing what, how can they be trusted to make sure a bad actor isn’t gaining access to data, assets, or systems they shouldn’t?

Endpoint Security

Securing Industry 4.0: Insights From New Research

Tom Field • March 29, 2022

Eighty percent of survey respondents say they either are well on the way or getting started toward becoming a "smart manufacturing company." Cloud migration, business resiliency and securing OT environments are among their priorities. Del Rodillas of Palo Alto Networks analyzes the survey results.

Governance & Risk Management

How Has COVID-19 Changed CISO Approach to Data Security?

Tom Field • March 29, 2022

Fifty-three percent of survey respondents say cyberthreats became fiercer during COVID-19, and 17% say the pandemic disrupted their data security initiatives. These are among findings of a new survey sponsored by HelpSystems. Cary Hudgins analyzes the results and discusses how to put them to work.

Application Security & Online Fraud

How a Global Pandemic Changed the Fraud Landscape

Tom Field • March 14, 2022

Pete Barker was a cybersecurity Digital Loss Prevention practitioner before joining SpyCloud as Director of Fraud & Identity. He saw first-hand the impact of COVID-19 on fraud incidents, which are more automated and broadly targeted. He explains how "COVID changed all the rules" and how defenders can raise their game.