The biggest identity and access management challenges for healthcare providers are being able to manage clinical data access on a granular basis and make sign-on simple but secure for clinicians, says security expert Mark Ford.
Advanced threats are like the weather. Everyone talks about them, but few have a solid defense plan - or even a solid understanding of the threat landscape. Mike Nichols of General Dynamics Fidelis Cybersecurity Solutions offers insight.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
(ISC)Â² is celebrating its silver anniversary as a global organization educating and certifying information security professionals. What are the key threats and trends driving the profession's future growth?
To ensure their business associates have conducted a thorough risk assessment and other HIPAA compliance tasks, covered entities must have a solid vendor management program in place, says security expert Mac McMillan.
Attackers likely purchased malware in underground "cybercrime-as-a-service" markets to use in recent credit card breaches, including the Target Corp. attack, a new report from McAfee Labs asserts. Adam Wosotowsky explains the report's findings.
One key factor in efforts to reduce reliance on passwords for authentication will be international acceptance of the FIDO Alliance's soon-to-be released protocol for advanced authentication, says Michael Barrett, the alliance's president.
The next round of HIPAA compliance audits by federal regulators are likely to focus on three key areas, says compliance expert David Holtzman, who until recently worked at the agency that enforces HIPAA.
When it comes to building a breach response team, too many healthcare organizations use a "volunteer firefighter model," taking inadequate steps to prepare for incidents, says security expert Brian Evans.
Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity, equates the department's continuous diagnostics and mitigation initiative with a medical probe detecting an infection in the human body.
In the wake of high-profile breaches and data leaks, the government will pay a lot more attention to information security. Are security pros ready for this scrutiny? Professor Eugene Spafford has his doubts.
In the wake of the Target breach, the University of Pittsburgh Medical Center has ramped up Internet monitoring to detect early if the organization is a target for attacks, says John Houston, UPMC's security and privacy leader.