Danny Palmer reports: Be they disaffected insiders or victims of blackmail, staff at telecommunications firms are providing cybercriminals with the information required to carry out cyberattacks against their employers. With the sector a top target for hackers — as demonstrated by last year’s TalkTalk hack — Kapersky Lab’s Threat Intelligence Report for the Telecommunications Industry warns telecoms providers that…
Category: Commentaries and Analyses
Many hospitals transmit your health records unencrypted
Lucas Mearian reports: About 32% of hospitals and 52% of non-acute providers — such as outpatient clinics, rehabilitation facilities and physicians’ offices — are not encrypting data in transit, according to a new survey. Additionally, only 61% of acute providers and 48% of non-acute providers are encrypting data at rest. Read more about the results…
‘Significant’ security holes in Medicare/Medicaid data
Norman Leahy reports: Medicare and Medicaid have “significant” vulnerabilities in their wireless networks that jeopardize the personal information of millions of citizens, according to a report issued Wednesday. If exploited, the security holes at certain Centers for Medicare and Medicaid Services data operations could result in “unauthorized access” to personally identifiable information and a possible “disruption…
Adding Insult to Injury: Is There Coverage for a Data Breach or Hacking Event that Causes Physical Damage?
Ken Kronstadt of Kelley Drye & Warren LLP writes: If you have turned on a television recently, you have likely seen advertisements for Wi-Fi-networked appliances and devices such as refrigerators or thermostats. While these devices represent a giant leap in consumer convenience, it is not difficult to imagine hackers ex-ploiting a security vulnerability in such a device…
Companies Fare Worse When the Press Exposes Their Problems Before They Do
An-Sofie Claeys, Verolien Cauberghe, and Mario Pandelaere have been conducting some interesting research on crisis management. Not surprisingly, they found that when entities disclosed first, even subsequent critical reports on their incidents had less impact than if critical reports appeared before the entity disclosed. Their studies were not addressing data breach disclosures per se, but the…
Cost of a Breach: Forensics and Notification
Protenus, who provide software to monitor, detect, and reduce insider mis-steps such as snooping and other egregious wrongdoing, has been writing a series of posts on the cost of a breach. In this week’s installment, they looked at the costs of forensics and notification. Considering I’ve recently been blogging about entities that don’t have insurance for breaches, some…