Software Integrity Blog

Archive for the 'Data Breach Security' Category

 

More medical mega-breaches thanks to third-party insecurity

The AMCA breach hammers home the need for supply chain security. Here’s how to vet your vendors so you can keep from becoming the next Quest or LabCorp.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy, Software Security Program

 

Advances in healthcare security since the Anthem data breach

The Anthem data breach in 2014–2015 was the largest healthcare data breach ever. But healthcare cyber security has improved since then.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy

 

Security lessons from the House Oversight and Government Reform Committee

The U.S. House Committee on Oversight and Government Reform has more than a few things to say about responsible enterprise application security.

Continue Reading...

Posted in Data Breach Security, Security news and research

 

Things get ‘seriously’ insecure yet again for Facebook

Facebook CEO Mark Zuckerberg has had to use variations of the word “serious” a lot over the past year—most notoriously regarding the social media giant’s sale of member data to Cambridge Analytica, which was viewed as affecting the 2016 presidential election.

Continue Reading...

Posted in Data Breach Security

 

These hacks brought to you by ‘leaky’ APIs

Leaky APIs expose customer data for free to anyone who knows the URL. What are you doing to protect your customers from hackers targeting your APIs?

Continue Reading...

Posted in Data Breach Security, Web Application Security

 

SingHealth hit with ‘unprecedented’ cyber attack

After the SingHealth cyber attack, it took a week for attackers to steal the personal data of 1.5 million people—about a quarter of the city-state’s population.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy

 

GDPR raises the stakes on data breaches

Another week, another list of data breaches resulting from vulnerabilities in third-party contractors for high-profile companies.

Continue Reading...

Posted in Data Breach Security, Software Compliance, Quality & Standards

 

Timehop breach provides GDPR response template

The Timehop breach disclosed 21 million individuals’ account information. And now we know what public disclosure of a breach might look like under GDPR.

Continue Reading...

Posted in Data Breach Security, Software Compliance, Quality & Standards

 

Security IRL at RSA Conference 2018

We took the opportunity at RSA Conference last month to survey our booth visitors about their organizations’ application security programs. We’ve sponsored and conducted a number of surveys on topics ranging from DevSecOps to open source security to medical device security, but there’s something about collecting feedback from conference attendees in person that really hits home—a glimpse into security IRL, if you will. Taking a look at security IRL Most attendees (78%) reported direct roles in cybersecurity, risk management or software engineering, representing a wide range of industries. Some of the findings were far from unexpected. For example, 40% of respondents cited a lack of skilled security professionals as the biggest challenge in implementing their application security programs. We also found that a startling number of respondents didn’t even know whether their organizations were the target of a cyber attack in the last two years.

Continue Reading...

Posted in Data Breach Security

 

Office 365 email protection gets blindsided

Maybe you could call it two-factor fakery.

Continue Reading...

Posted in Data Breach Security