The average insider scheme lasts 32 months before it's detected, says threat researcher Jason Clark, who suggests using a combination of the right technologies and the right processes is the key to improving detection.
Although the enforcement date for the HIPAA Omnibus Rule was Sept. 23, compliance is an ongoing project, and educating smaller business associates is a continuing challenge, says Jeff Cobb, CISO at Capella Healthcare.
Attorney Maureen Ruane, who has prosecuted dozens of healthcare fraud cases, explains how the rollout of electronic health record systems at hospitals and clinics is creating new potential opportunities for fraud.
Mary Galligan, the just-retired head of the FBI's New York cyber unit, says the federal government can do more to help businesses take all the right steps to protect sensitive information and prevent breaches.
Bill Stewart, a privacy and security expert at medical device manufacturer Philips Healthcare, offers an explanation of when hospitals should apply software patches to devices on their own and when they should work with the supplier.
Nations' policies for mitigating cyberthreats can conflict with efforts to promote cyber-enabled global trade, cautions Allan Friedman, research director of the Brookings Institution's Center for Technology Innovation.
To mark his induction into the National Cyber Security Hall of Fame, Purdue University Computer Science Professor Eugene Spafford offers insights on key challenges, including overcoming senior executives' misperceptions about key issues.
Knowledge-based authentication is no longer reliable, says fraud expert Avivah Litan, an analyst at Gartner. She explains why so-called behavioral authentication is the only reliable way to verify users.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Before hiring a cloud services vendor, healthcare organizations should demand answers to tough questions about privacy and security, says Phil Curran, a hospital CISO who has scrutinized many companies.
Top executives at healthcare organizations must take the lead in overcoming a culture that portrays privacy and security as barriers, says Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT.