BankInfoSecurity.com

Focus on Cyber Hygiene, Advanced Tools and Rapid Response to Outsmart Attackers
Modern cyberthreats require modern defense tactics. Ransomware now employs multilayered extortion tactics that target operations and reputations. With 68% of breaches involving human error, CISOs and leaders must focus on cyber hygiene, advanced security tools and rapid response strategies.

Weigh the Options for Open-Source and Vendor-Backed Solutions and Try Them Out
Open-source tools can be powerful, flexible and budget-friendly, but they are not always the right choice. Understanding their strengths, weaknesses and best use cases will help you decide when to use them and when to consider a commercial alternative.

No, But It Will Shift Their Focus to More Strategic and Creative Roles
Artificial intelligence is reshaping cybersecurity workflows, automating tasks and enhancing efficiency. But does that mean security professionals are at risk of being replaced? Not quite. AI is redefining roles, rather than eliminating them, to focus more on strategic thinking and problem-solving.

Self-Described Hacktivists Appear to Remain Moscow Foreign Policy Extension
Russia's use of high-profile online nuisance attacks as a psychology ploy designed to amplify Moscow's geopolitical agenda continues. As Europe has rallied to support Ukraine, self-proclaimed Russian hacktivists have trumpeted their targeting of the U.K. and EU member states, instead of the U.S.

Artificial intelligence-based tools are among the most promising advancing technologies for healthcare sector organizations to help to address cybersecurity resource shortages, said Chris Tyberg, CISO of medical device and consumer health product manufacturer Abbott.

Legacy apps and medical devices continue to pose persistent and considerable risk to healthcare IT environments, and many organizations are still unaware of their prevalence in their settings, said Keith Fricke, partner and principal consultant at tw-Security, who discusses mitigation steps to take.

The use of artificial intelligence is not only reshaping healthcare delivery in the sector but also healthcare cybersecurity within organizations, said Anahi Santiago, CISO of ChristianaCare, the largest healthcare delivery organization in the state of Delaware.

State privacy laws, such as Washington State's My Health My Data Act, could throw a curve ball in the use of certain consumer information for artificial intelligence and machine learning endeavors, said regulatory attorney Adam Greene of the law firm Davis Wright Tremaine.

Experts Express Surprise Over Major Social Platform Falling Victim to DDoS Attacks
One of the world's biggest social networks continued to face intermittent outages Tuesday, apparently due to unsophisticated, distributed denial-of-service attacks. Experts said the attacks were traced to malware-infected devices - many based in the U.S. - and pro-Palestinian hacktivists.

Plankey Led Efforts to Engage Energy Sector in Cyber Prep During Trump's First Term
President Donald Trump has nominated a former Energy Department and National Security Council cybersecurity official to lead the U.S. Cybersecurity and Infrastructure Security Agency. National Guard and Coast Guard Veteran Sean Plankey has been tapped to replace Jen Easterly as the director of CISA.

Abuse Can Lead to Fraud, Impersonation Scams
Need a new voice? Artificial intelligence has you covered. Need to protect your own? That's another story. Some of the most widely used AI voice synthesis tools offer only superficial safeguards against misuse - if any at all, researchers found in a recent analysis.

Stretched Agency Must Balance HIPAA Enforcement With Policing DEI in Healthcare
HHS investigators charged with protecting the civil rights and privacy of patients are now assigned to finding and stamping out diversity, equity and inclusion programs at universities and hospitals, with DEI deemed discriminatory under the Trump administration.

British Government Proposals Also Include Payment Bans for Critical Infrastructure
Banning ransom payments by public sector and critical infrastructure entities, notifying the government of any intent to pay a ransom, and reporting incidents to authorities comprise three counter-ransomware initiatives proposed by the British government. Which ones will pass muster?

Kong's API Security Perspectives Report Says Many Teams Unprepared for AI Threats
Despite 92% of companies securing their APIs, 40% of leaders doubt whether their investments are adequate against AI-driven threats, said Kong's API Security Perspectives Report. Only 13% of organizations in the U.S. and 4% in the U.K. admit to taking no specific measures against AI threats.

Malware Used a Hardcoded IP Address for Command and Control
U.S. federal law enforcement said Tuesday it deleted more than 4,000 instances of PlugX malware used in a Chinese cyberespionage operation after a European partner gained control of the malware's command and control server. PlugX spreads through infected USB drives.

Mission Omega's Ian Mitchell on What Works and What Doesn't in Program Integration
Fraud management and anti-money laundering represent two distinct disciplines in financial crime prevention. While AML primarily is a compliance-driven function, fraud is a risk management function driven by the organization's risk appetite for fraud, said Ian Mitchell, co-founder of Mission Omega.