As published in the November/December 2019 edition of InfoSecurity Professional Magazine By Michael Bergman, CISSP An (ISC)2 member details a software security integration system that eliminates that ’50-page security policy’ for developers. Unless your organization is gifted with resources, your software development teams do not have a dedicated first-line-of-defense function that integrates controls and makes it easier for developers to secure the products they build. Instead developers, particularly those using Agile for project management, typically are handed a 50-page security policy document and told to “implement that along with your functional requirements, all within your two-week sprint cycle.” The result is frustrated developers who usually do not understand cybersecurity well enough to extract security requirements from that massive policy document, let

U.S. healthcare institutions are under constant attack from cybercriminals, and unless hospitals take concrete steps to protect themselves, the situation won’t get any better. In 2019, the healthcare industry was the number one target for cyber attackers, with the cost of breaches totaling $4 billion, according to a new report. 2020 Vision: A Review of Major IT & Cybersecurity Issues Affecting Healthcare, published by security intelligence firm CyberMDX, provides an in-depth look at the causes and types of cybersecurity threats affecting the industry, as well as recommendations for healthcare institutions to fortify their cyber defenses. Attacks on healthcare are prevalent, according to the report, because the industry handles “valuable patient medical records” and has shown a “willingness to pay ransoms