The Department of Veterans Affairs is in the midst of an IT transformation that spotlights security efforts ranging from enforcing the use of two-factor authentication to reducing privileged access accounts, says a new mid-year report.
The federal tally of major health data breaches shows that to-date in 2016, there have been more reported hacker incidents than during the first half of 2015. However, so far this year, those hacks appear to be affecting fewer individuals.
Forget the 2015 mega-breach, an ongoing FTC probe or multiple class-action lawsuits: A new leadership team wants to reboot infidelity-focused online dating website Ashley Madison, promising that this time they'll get security and privacy right.
One of the core values of the cybersecurity framework is to facilitate communication among various stakeholders coming from different technical and managerial backgrounds who must collaborate to build secure IT systems, NIST Program Manager Matt Barrett explains in an interview.
Healthcare entities should take several critical steps to minimize the security risks posed by older, legacy medical devices used in their organizations, says medical device cybersecurity expert Kevin Fu.
Members of Congress have sent a letter to federal regulators saying that because ransomware attacks are "different" from other breaches in the healthcare sector, there's a need for new recommendations in upcoming government guidance.
The scale of the global IT security skills crisis is well documented. But what is its direct impact on cybersecurity with the government agencies of Washington, D.C.? Dan Waddell, Managing Director, North America at (ISC)² discusses the problem - and a new way to address it.
"Cloud security is one of the skills...
Breach fallout continues to mount in the aftermath of a cyberattack on cloud-based electronic health records vendor Bizmatics, which apparently affected hundreds of thousands of patients. The saga highlights important security lessons for covered entities when it comes to dealing with business associates.
The MySpace and LinkedIn data dumps have been made available by a security researcher on his website, which is perhaps the most easily accessible source for obtaining it. But does it put people at greater risk?
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.
The insider threat is a dangerous risk to government agencies and their most sensitive data. Monitoring the behaviors internally and identifying corrupt situations based on access, roles and actions is not a luxury government agencies can afford to go without.
Read our detailed white paper on building a case to...
Privileged users are typically associated with a company's IT department and can include database administrators, network engineers, IT security practitioners, etc. However, across an organization there may be other privileged users that should not be overlooked. A privileged user can be anyone from account managers...
The term Insider Threat brings to mind the malicious employee, motivated by either money or politics to steal data that can be sold on a black market or used to damage the organization's reputation.
According to a Ponemon report, unintentional employee negligence severely diminishes the productivity of the...
When desktops ruled the enterprise, employers may not have claimed to have absolute control over their workers' usage of technology and data, but they surely could contain it. Whether overtly or tacitly, leadership has now empowered its employees. Thanks to mobility, the cloud and other advancements, workers decide...
As a technology professional, you know that data, network and system failures aren't your biggest problems. It's the humans who interact with these systems that cause the issues.
High-risk insider threats - malicious, careless or negligent employees - are one of the main causes of data breaches. Most of the time,...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.