Tag: CISO | Page 5

UnitedHealth CISO: Ransomware ‘an existential risk to the delivery of care’

November 8, 2021/in Internet Security

As part of the HIMSS Healthcare Cybersecurity Forum virtual event December 6-7, Aimee Cardwell, the chief information security officer for the UnitedHealth Group at Optum Technology, will dig into the subject of ransomware in an educational session entitled “Ransomware: Today’s Threat Landscape.” Optum Technology is UnitedHealth Group’s IT and services subsidiary.

Ransomware continues to expose the vulnerabilities in the global network from the government to infrastructure to hospitals. In this session, Cardwell will discuss the current threat landscape and the ransomware to watch out for.

In a sneak-peek of the session, Healthcare IT News interviewed Cardwell to get her to explain the cybersecurity landscape and some of the best defenses against ransomware.

Q. What is the current threat landscape for healthcare organizations?

A. We see three major categories of threat. First, ransomware. According to the Wall Street Journal, ransomware has become the most lucrative form of malware globally, generating $350 million in 2020, while causing over $20 billion in damages and downtime over the same period.

The healthcare industry makes up 11.6% of all ransomware attacks. As an example, Ireland’s Health Service Executive is responsible for healthcare and social services across Ireland. They were attacked with ransomware that caused a shutdown of all IT systems. Eight weeks after the attack, services were still only 90% recovered.

Second, zero-day vulnerabilities. These refer to a vulnerability in a system or device that has been discovered but is not yet patched. You may recall hearing about PrintNightmare, which took advantage of a zero-day vulnerability in Microsoft’s print spooler, allowing a user on the network to gain elevated access on any system with print capability.

And third, supply chain attacks. These involve tampering with the digital infrastructure of a company’s software to install undetectable malware to bring harm to organizations further down the supply chain network. You may remember reading about Kaseya, a software provider that provides remote management monitoring, which was the victim of an attack by the REvil ransomware group over the Independence Day weekend this…

Source…

Torq Appoints Talha Tariq to Company’s CISO Advisory Board | Business

November 2, 2021/in Internet Security

PORTLAND, Ore–(BUSINESS WIRE)–Nov 2, 2021–

Torq today announced that Talha Tariq has joined the company’s CISO Advisory Board. Talha, currently Vice President & Chief Security Officer at HashiCorp, will advise the company on product direction and marketing messaging, providing key insight into building industry-leading security teams for today’s digital, distributed businesses.

“ Talha has built a dynamic, forward-looking security organization at HashiCorp. His experience with protecting a large, distributed organization and vast customer bases gives him unparalleled insight into how companies scaling in today’s digital-first world can keep their employees, data, and customers safe. We’re excited to have him join Torq’s CISO Advisory Board, ” said Ofer Smadari, Torq CEO.

Torq’s no-code automation eliminates mundane and repetitive work from the lives of security professionals worldwide, unlocking their potential and productivity alike. Torq’s CISO Advisory Board is composed of select industry luminaries who work alongside Torq’s product, security, and marketing teams as they seek to transform the cybersecurity industry from one focused on threats to one focused on people.

“ Teams using Torq benefit from a radical shift in culture. Instead of security engineers and analysts working tirelessly to keep pace with business needs, they can invest their valuable time in innovative, creative work that keeps the whole team operating faster, focused on business results, and the company better protected. It’s a game-changing approach to security automation and operations, ” said Talha.

Talha is the Chief Security Officer at HashiCorp, which provides infrastructure automation software for multi-cloud environments. He has 20 years of experience building and scaling security programs from startups to Fortune 100 organizations. Prior to HashiCorp, Talha served as CISO of Anki & FinancialForce, Director of Security Consulting at PwC, and has held various security leadership positions at Microsoft and NCR. He has also led a variety of engagements around the…

Source…