Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
A critical step in the successful implementation of role-based access control at healthcare organizations is first committing to do time-intensive prep work, says security expert Christopher Paidhrin of PeaceHealth.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
Florida's recent rollout of knowledge-based authentication in the application process for various benefits programs, including Medicaid, is already helping to crack down on ID theft and fraud, says Andrew McClenahan, who heads the effort.
Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.
Healthcare organizations should take several key steps to ensure the cybersecurity of medical devices, including "walling off" certain devices from the network, says Rick Comeau of the Center for Internet Security.
The folks at PricewaterhouseCoopers, after surveying 500 U.S. business, law enforcement and government executives, conclude that the vast majority of cybersecurity programs fall very short of the federal government's cybersecurity framework goals....
Healthcare organizations are becoming a bigger target for cybercriminals because so much more clinical and financial information is now stored in potentially vulnerable information systems, says security expert Mac McMillan.
What does "IT security as a business enabler" mean? For a definition, Gartner's Paul Proctor looks to the way IT managers at a European car maker translate security problems into a language a CEO can understand.
CIO John Halamka, M.D., a well-known blogger, says information security accounts for about half of his work at Beth Israel Deaconess Medical Center. He explains why that's the case and discusses a variety of projects, including a test of Google Glass.
A multi-layered approach known as "context-aware security" is the most effective strategy for fighting both insider and external cyberthreats, says Gartner analyst Avivah Litan, who explains how this strategy works.