Tag: healthcare
-
The silent security gap in enterprise AI adoption
Tags: access, ai, api, backup, breach, business, cloud, compliance, computer, computing, control, credentials, cryptography, data, data-breach, encryption, exploit, finance, group, healthcare, infrastructure, malicious, risk, service, technology, threat, toolInfoWorld explains in its analysis of why AI is all about inference now.This shift has happened quickly. In many organizations, AI systems have moved from pilot projects to core infrastructure in less than two years. Yet security architectures have not evolved at the same pace. The result is a widening gap between where sensitive data…
-
How Hospitals’ Use of GenAI is Putting Patients at Risk Without Realizing It
Hospitals are adopting Gen AI across EHR workflows, but hallucinations, bias, and weak governance pose real patient safety risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-hospitals-use-of-genai-is-putting-patients-at-risk-without-realizing-it/
-
How does innovation in agentic AI impact financial security
Are You Leveraging Agentic AI for Enhanced Financial Security? Businesses across various sectors are increasingly relying on Agentic AI to bolster their financial security measures. But what exactly is Agentic AI, and why is it swiftly becoming an integral part of cybersecurity frameworks, especially in sectors like financial services, healthcare, and DevOps? The Rise of……
-
HHS Audit Flags Web App Security Gaps at Large Hospital
Experts: Problems Are Frequent Weaknesses Across Healthcare Sector Entities. Security weaknesses in web-facing apps used at a large U.S. hospital could leave the facility’s IT systems and sensitive patient information vulnerable to cyberattacks, found federal auditors. Those same problems also haunt many other healthcare entities, experts said. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-audit-flags-web-app-security-gaps-at-large-hospital-a-30671
-
Why Your WAF Missed It: The Danger of Double-Encoding and Evasion Techniques in Healthcare Security
Tags: access, ai, api, attack, data, data-breach, detection, exploit, governance, hacker, healthcare, intelligence, malicious, risk, technology, threat, tool, wafThe “Good Enough” Trap If you ask most organizations how they protect their APIs, they point to their WAF (Web Application Firewall). They have the OWASP Top 10 rules enabled. The dashboard is green. They feel safe. But attackers know exactly how your WAF works, and, more importantly, how to trick it. We recently worked…
-
Capital Health to Pay $4.5M in LockBit Breach Settlement
Class Action Stems From 2023 Ransomware Attack Affecting More Than 500,000. Capital Health, which operates hospitals and other facilities in New Jersey and Pennsylvania, agreed to pay $4.5 million to settle consolidated class action litigation involving a 2023 LockBit ransomware and data theft attack affecting more than a 500,000 patients and employees. First seen on…
-
When responsible disclosure becomes unpaid labor
Tags: ai, bug-bounty, ciso, cloud, compliance, control, credentials, cve, cvss, cybersecurity, data, email, exploit, finance, flaw, governance, healthcare, incident response, infrastructure, jobs, open-source, ransom, risk, security-incident, service, software, threat, tool, update, vulnerability, warfaresupposed to function and how it increasingly does in practice. Enter the gray zone of ethical disclosure: The result is a growing gray zone between ethical research and adversarial pressure. Based on years of reporting on disclosure disputes, that gray zone tends to emerge through a small set of recurring failure modes.Silent treatment and severity…
-
How is Agentic AI changing healthcare security
How Does Agentic AI Revolutionize Healthcare Security? Are you prepared to explore the transformative power of Agentic AI in securing the healthcare industry? The intersection of artificial intelligence and cybersecurity has opened doors to innovative methodologies. This sector is under constant scrutiny due to the sensitive nature of its data. While we delve deeper into……
-
Why AI Use in Healthcare Requires Continuous Oversight
Artificial intelligence use in healthcare is only as safe and accurate as the governance and trust frameworks surrounding it, particularly in clinical environments where errors or hallucinations can directly impact patient care, said Dave Bailey, vice president at consultancy Clearwater. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/ai-use-in-healthcare-requires-continuous-oversight-i-5521
-
Top 10 B2B Healthcare SaaS SSO Solutions in 2026
Discover the best B2B healthcare SaaS SSO solutions for 2026. Compare SAML, OIDC, pricing, and features for secure hospital logins. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/top-10-b2b-healthcare-saas-sso-solutions-in-2026/
-
Moltbot Personal Assistant Goes Viral”, And So Do Your Secrets
Early 2026, Moltbot a new AI personal assistant went viral. GitGuardian detected 200+ leaked secrets related to it, including from healthcare and fintech companies. Our contribution to Moltbot: a skill that turns secret scanning into a conversational prompt, letting users ask “is this safe?” First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/moltbot-personal-assistant-goes-viral-and-so-do-your-secrets/
-
NDSS 2025 TrajDeleter: Enabling Trajectory Forgetting In Offline Reinforcement Learning Agents
Session 10D: Machine Unlearning Authors, Creators & Presenters: hen Gong (University of Vriginia), Kecen Li (Chinese Academy of Sciences), Jin Yao (University of Virginia), Tianhao Wang (University of Virginia) PAPER TrajDeleter: Enabling Trajectory Forgetting in Offline Reinforcement Learning Agents Reinforcement learning (RL) trains an agent from experiences interacting with the environment. In scenarios where online…
-
‘AI-Powered’ Services Firm Says Hack Affects 3.1M
Reported Victim Tally in HCIactive’s Health Data Theft Incident Soars. The victim count in a 2025 hack against a Maryland-based firm that provides AI-powered administrative and technology services to healthcare practices soared to nearly 3.1 million nationwide, according to an updated breach report from Healthcare Interactive. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-powered-services-firm-says-hack-affects-31m-a-30618
-
AHA Releases New Guides to Strengthen Hospital Emergency and Cyber Preparedness
Healthcare organizations in the United States face threats, ranging from public health emergencies to cyberattacks. To support hospitals and health systems in enhancing their preparedness and resilience, the American Hospital Association (AHA) has released two comprehensive resources for cyber preparedness in healthcare. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cyber-preparedness-in-healthcare/
-
Transfer learning and governance help bridge healthcare AI divide
Singapore researchers show how adapting pre-trained AI models can solve data scarcity issues in countries with limited resources. Separately, they have proposed forming an international consortium to build consensus on AI governance in medicine First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637650/Transfer-learning-and-governance-help-bridge-healthcare-AI-divide
-
Can compliance automation keep regulators satisfied?
How Can Organizations Meet the Challenges of Compliance Automation? What are the key challenges businesses face when aiming to satisfy regulatory requirements through compliance automation? Managing non-human identities (NHIs) and secrets security in cloud environments is becoming increasingly important for businesses across various industries. Financial services, healthcare, travel, and DevOps teams are all seeking robust……
-
How does Agentic AI reduce risks in digital environments?
What Makes Non-Human Identities (NHIs) Vital for Cloud Security? Where businesses increasingly shift operations to the cloud, how can they ensure robust security while managing machine identities? Non-Human Identities (NHIs) offer a promising solution, playing a pivotal role in safeguarding digital environments from potential risks. Businesses across various sectors, from healthcare to financial services, are……
-
Report: Attacks ‘Cascade’ From IT, OT to Patient Care
Trellix Says Email, Identify Failures Are Among Top Vectors in Health Compromises. Of the millions of threats detected in healthcare IT environments last year, email phishing, identity failures and device vulnerabilities were among the top vectors for non-clinical IT compromises – often cascading and disrupting patient care, said a new report from security firm Trellix.…
-
When Hospitals Go Dark and Browsers Turn Rogue
At 6:32 a.m., a hospital in Belgium pulled the plug on its own servers. Something was already inside the network, and no one could say how far it had spread. By mid-morning, scheduled procedures were canceled. Critical patients were transferred out with help from the Red Cross. Staff went back to paper. Emergency services ran at reduced……
-
Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority
A new report from Trellix reviews the biggest breaches, describes the most effective defenses and profiles the most dangerous attackers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/health-care-cybersecurity-threats-report-trellix/810608/
-
Can Agentic AI operate independently in high-stakes areas?
Can Independent Agentic AI Safeguard Our Critical Systems? Have you ever wondered how we can entrust critical operations to independent systems? The emergence of Agentic AI, with its capacity to operate autonomously, has sparked considerable discussion about its potential role in high-stakes environments. This intriguing technology has been deployed across various sectors, such as healthcare,……
-
Claroty Gets $150M to Lead in AI for Infrastructure Security
Claroty CEO Yaniv Vardi Outlines IPO Strategy and Growth Through Acquisition. Claroty’s $150 million Series F funding round will help scale its platform for protecting critical infrastructure with embedded AI. CEO Yaniv Vardi says the company aims to reach profitability, pursue M&A and strengthen verticalized offerings for the healthcare, manufacturing and industrial spaces. First seen…
-
CISO’s predictions for 2026
Tags: access, ai, attack, authentication, automation, breach, business, ciso, cloud, control, credentials, cryptography, cyber, cyberattack, cybersecurity, data, data-breach, encryption, endpoint, extortion, finance, governance, government, healthcare, identity, infrastructure, malicious, mobile, mssp, network, password, penetration-testing, ransomware, risk, router, saas, soc, strategy, supply-chain, technology, threat, tool, vulnerability, warfareAI agents to reshape the threat landscape: But those same AI technologies are also changing the threat landscape. Toal points to a recent Anthropic report that documented the first large-scale AI-enabled cyberattack as an early warning sign. “I guarantee attackers will be more focused on using AI agents for what they want than a lot…
-
How to scale NHIs safely and efficiently?
Is Your Organization Ready to Scale NHIs Safely and Efficiently? Scaling Non-Human Identities (NHIs) is a complex endeavor, particularly in dynamic industries such as financial services, healthcare, and technology-driven sectors that rely heavily on cloud computing. Where NHIs serve as the backbone for automation, the question becomes: how can organizations use NHI management to achieve……
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trustSecuring the Future: Practical Approaches to Digital Sovereignty in Google Workspace madhav Thu, 01/22/2026 – 04:35 In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
13 cyber questions to better vet IT vendors and reduce third-party risk
Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerabilityVital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
-
13 cyber questions to better vet IT vendors and reduce third-party risk
Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerabilityVital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
-
Minnesota Agency Notifies 304,000 of Vendor Breach
State Monitoring Incident Involving a Health Entity Worker for Potential Fraud. The Minnesota Department of Human Services is notifying nearly 304,000 people of data breach involving someone at a healthcare provider who inappropriately accessed information from an IT system managed by a vendor. State officials are monitoring the incident for potential fraud. First seen on…
-
Top 10 HIPAA Compliance Software Solutions
Key Takeaways Healthcare breaches have cost an eye”‘watering $7.42 million per incident in 2025, and it’s not surprising that regulators are dialing up new requirements like multi”‘factor authentication, encryption for all ePHI, and yearly audits. Small practices may be able to get by with basic tools, but larger organizations need more robust systems. The best……
-
How proactive can AI be in secrets rotation processes
How Can Organizations Effectively Manage Non-Human Identities? Are you aware of the potential threats posed by machine identities in your organization? With cybersecurity professionals navigate the complexities of managing Non-Human Identities (NHIs), understanding the nuances of these machine identities becomes crucial. In domains such as financial services, healthcare, and travel, safeguarding NHIs and their associated……