Colocation centers

Problem solve

  • Insider Edition: Improved threat detection and incident response

    The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some not yet identified. The trick is to get a grasp on what's most likely to breach your system, ensure that you're alerted when it does and know what you're going to do about it when it happens. To achieve this, you need to have a security incident response plan in place. As part of this plan, set up good policies and coordinated responses, making sure your IR tools are the most capable possible, including those that can automate aspects of the security incident response process.

    This Insider Edition of Information Security magazine focuses on how to minimize cyber-risk through threat detection and incident response. Security pros will find the latest information on options for IR tools and other ideas on making your incident response process as effective as it can be.

    Continue Reading

  • Is it possible to get a new CISO position after being fired?

    CISO turnover is common after a security incident, but it's not the end of a career in security. Expert Mike O. Villegas discusses how to increase the odds of finding a new CISO position.Continue Reading

  • Preventing and responding to a healthcare ransomware infection

    The healthcare industry is a target for ransomware infections. Expert Ernie Hayden explains how organizations can take steps to prevent and respond to these attacks.Continue Reading

  • Q&A: Looking at cyberweapons and other issues with Nathaniel Gleicher

    The former White House cybersecurity policy director talks about cyberthreats, the government's vulnerability equities process and lawful use of exploit toolkits.Continue Reading

  • For HIPAA-compliant cloud storage, weigh risks and set recovery steps

    Healthcare organizations and the cloud storage providers they work with must conduct risk assessments to confirm that all parties are safeguarding patient data as part of HIPAA-compliant cloud storage.

    Cloud companies that handle protected health information on behalf of providers are required to sign business associate agreements, some aspects of which are now subject to HIPAA audits by the federal government.

    This handbook looks at cloud storage and backup technology and its relationship to HIPAA compliance. Over the three chapters in this guide, our contributing writers look at how providers, business associates and covered entities are preparing for HIPAA audits; how health systems use the cloud for backup storage purposes and disaster recovery efforts; and how moving more healthcare data into the cloud has changed other aspects of providers' businesses.

    Continue Reading

  • Data breach compensation: What enterprises need to know

    Data breach compensation amounts often fall short of covering the actual damages, especially in a cloud breach. Expert Frank Siemons discusses data breach settlement options.Continue Reading

  • Healthcare asset management key to securing medical imaging systems

    Hospitals can prevent cybersecurity breaches by managing healthcare assets such as MRI and CT scanners and requiring mobile devices to register with an MDM solution.Continue Reading

  • Securing medical imaging systems requires interdepartmental cooperation

    To protect medical imaging systems from breaches or attacks, hospitals should focus on cross-department cooperation and take a holistic approach to cybersecurity.Continue Reading

  • Is settling a data breach lawsuit the best option for enterprises?

    In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help.Continue Reading

  • Insider security threats: What CISOs can do to mitigate them

    Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.Continue Reading

  • For effective healthcare data protection try a 'layered' approach

    Healthcare organizations can protect patient data from breaches with a three-layered approach that combines traditional and advanced protection features.Continue Reading

  • Five steps for responding to hospital ransomware attacks

    Hospitals are prime targets for ransomware attacks. Health IT teams must move quickly to identify and isolate a ransomware infection to keep it from spreading.Continue Reading

  • Verizon: Human error still among the top data security threats

    Verizon's 2016 Data Breach Investigations Report found human vulnerabilities and errors continue to be among companies' top data security threats.Continue Reading

  • Cyberinsurance policies: Getting coverage and avoiding limitations

    The cyberinsurance market is maturing rapidly, but there are still gray areas to navigate. Sean Martin explains what enterprises should know about policies.Continue Reading

  • Enterprise mobile strategy: Step up security

    CISOs are tasked with developing an effective enterprise mobile strategy that offers different levels of mobile security, from device management to application-layer controls. Some companies are moving beyond device management and containerization to protect the data layer. An effective enterprise mobile strategy can increase employee productivity, but how can security programs strike a balance between user experience and information security? In this issue of Information Security, we talk to companies about their enterprise mobile strategies to find out what works and what doesn't.

    Even with all the momentum in advanced authentication, some enterprises show no signs of moving beyond usernames and passwords. Why isn't advanced authentication, such as one-time passwords or multifactor authentication (MFA), widely deployed? Despite the challenges of implementing and maintaining strong authentication methods, they provide significant benefits over password-only authentication mechanisms. The consumerization of MFA may lower costs. We look at strong authentication strategies and best practices for these methods on premises and in the cloud.

    Also, we continue our Readers' Top Picks series with a look at enterprise encryption tools. TechTarget polled 1,435 IT and security professionals at medium-to-large enterprises who told us that they have active encryption projects or technology purchases in the next 12 months. Look for a shortlist of products and features from readers who plan to invest in enterprise encryption tools.

    Continue Reading