COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

COVID-19 First Anniversary: It's About Vaccines & Variants

Tom Field • January 20, 2021

As the U.S. marks its first anniversary of fighting COVID-19, pandemic expert Regina Phelps says the next several, critical weeks come down to two vital words: vaccines and variants. "Those are going to determine our destiny for the long and foreseeable future," she says.

Fraud Management & Cybercrime

Phishing Email Campaign Uses Updated COVID-19 Theme

Latest

Governance & Risk Management

The Final HIPAA Actions Under Trump Administration

Marianne Kolbasuk McGee • January 20, 2021

On the final full day of the Trump administration, HHS prepared to publish proposed changes to the HIPAA Privacy Rule this week. Plus, it revealed plans to ease off on HIPAA enforcement when organizations use certain web-based applications to schedule COVID-19 vaccinations.

Governance & Risk Management

Privacy Fines: Total GDPR Sanctions Reach $331 Million

Mathew J. Schwartz • January 19, 2021

Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.

Governance & Risk Management

CISA Warns of Surge in Attacks Targeting Cloud Services

Scott Ferguson • January 14, 2021

The U.S. Cybersecurity and Infrastructure Security Agency warns that hackers are increasingly targeting cloud services by waging phishing schemes and brute-force attacks. CISA recommends a number of defenses, including regularly reviewing Active Directory sign-in logs and enforcing multifactor authentication.

Governance & Risk Management

2021: The State of Privacy

Tom Field • January 8, 2021

From contact tracing to data transfer to the new California Privacy Rights Act, 2021 already is shaping up to be a big year for privacy. Trevor Hughes, CEO and president of the International Association of Privacy Professionals, offers a "state of privacy" overview.

CCPA

Analysis: The Latest SolarWinds Hack Developments

Anna Delaney • January 8, 2021

This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.

Endpoint Security

Analysis: Permitting Cybersecurity Donations to Physicians

Marianne Kolbasuk McGee • January 4, 2021

New regulatory provisions that allow healthcare systems to make donations of cybersecurity technology and services to physician practices could help greatly bolster security in the sector, says attorney Julie Kass of law firm Baker Donelson.

Governance & Risk Management

Protecting Healthcare Data Integrity

Marianne Kolbasuk McGee • December 29, 2020

In the year ahead, healthcare organizations must be prepared to face an assortment of advancing security threats, including those that damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.

Fraud Management & Cybercrime

Lazarus Group Targeted COVID-19 Research

Prajeet Nair • December 24, 2020

The Lazarus Group, a North Korean advanced persistent threat gang, apparently recently targeted a national ministry of health and a drug manufacturer involved in developing a COVID-19 vaccine in an attempt to steal information, according to the security firm Kaspersky.

Fraud Management & Cybercrime

Analysis: The Impact of SolarWinds Hack

Anna Delaney • December 18, 2020

The latest edition of the ISMG Security Report features an analysis of what we know so far about the impact of the SolarWinds supply chain hack and how to respond.

Governance & Risk Management

COVID-19: 'The Whole Country Is on Fire'

Tom Field • December 15, 2020

As we near the end of one year of living with COVID-19, the pandemic is creating new U.S. daily records for infections, hospitalizations and deaths. "The whole country is on fire," says pandemic expert Regina Phelps.

Fraud Management & Cybercrime

CISA Warns of Increasing Cyberthreats to US K-12 Schools

Prajeet Nair • December 11, 2020

CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.

Fraud Management & Cybercrime

Cybersecurity Leadership: Fighting Back Against Fraud

Tom Field • December 11, 2020

Fraud explodes in tough times, and do times come any tougher than they have with COVID-19? In this latest Cybersecurity Leadership panel, CEOs and CISOs describe their efforts to spot and stop emerging fraud schemes involving synthetic IDs, social engineering and greater insider risks.