Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
DataBreachToday Executive Editor Mathew J. Schwartz's examination of the growing threats facing the critical energy sector leads the latest edition of the ISMG Security Report. Also in this report: A discussion of safeguarding the telehealth marketplace.
In the wake of recent ransomware attacks, such as WannaCry, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did it have such an impact?
In this session, our panelists will discuss why the "wartime...
This edition of the ISMG Security Report features updates from RSA Conference 2017 on emerging technologies, the forthcoming White House cybersecurity executive order and Microsoft's call for a "Digital Geneva Convention."
A report on the former head of the NSA and CIA questioning President-elect Donald Trump's understanding of cybersecurity leads the latest edition of the ISMG Security Report. Also, House Homeland Security Committee Chairman Michael McCaul outlines his vision of Congress' cybersecurity agenda for 2017.
A just-issued report from President Obama's Commission on Enhancing National Cybersecurity outlines challenges the next administration should address. Observations from one of the panel's commissioners highlight the latest episode of the ISMG Security Report.
An evaluation of new U.S. government guidance to prevent the hacking of automotive computers and electronics leads the latest ISMG Security Report. Also, IBM takes responsibility for the impact of a DDoS attack and a preview of the ISMG Healthcare Security Summit.
Evaluating ways to thwart massive distributed denial-of-service attacks leads the latest edition of the ISMG Security Report. Also, explaining how "conspiracy theories" tied to an historic breach of Yahoo will have an impact on the internet company's future.
A lesson from down under: A report on unintentionally creating a distributed-denial-of-service attack aimed at oneself highlights the latest edition of the ISMG Security Report. Also, a report on interpreting HIPAA privacy standards more stringently.
In the latest ISMG Security Report, our editors examine the top concerns of security practitioners gathered at Infosecurity Europe, NIST's planned revision of its cybersecurity framework and U.S. government efforts to make sure patients can securely access their electronic health records.
Nearly every major breach over the last three years - including Anthem, Target, Home Depot, Office of Personnel Management, the Internal Revenue Service, the National Security Agency - shared a crucial commonality: attackers gained entry using compromised or stolen credentials.
This range of identity-centric...
The Obama administration has implemented a number of cybersecurity and privacy initiatives and policies aimed at making IT more secure for the federal government and the private sector, including the cybersecurity framework, National Strategy for Trusted Identities in Cyberspace, employing encryption and sharing cyber...
The Defense Advanced Research Projects Agency has awarded Georgia Tech a $2.9 million grant to develop a process for quickly identifying and then defending against low-volume DDoS attacks, which are far more common than high-volume attacks but can be just as disruptive.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
The Justice Department has unsealed indictments against seven Iranians, allegedly working on behalf of the Iranian government, who are suspected of conducting DDoS attacks against dozens of American banks and attempting to seize control of Bowman Dam outside New York City.
The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.