Though others deemed Bruce McConnell as one of the government's most innovative security thought-leaders, he says his vision of how best to secure IT evolved during his just-ended 4-year tenure at DHS as a senior cybersecurity policymaker.
It's an increasingly common question from CEOs. "How is our security program protecting the business?" Pamela Gupta of OutSecure shares insight on what CISOs should demonstrate when they answer that question.
The best ideas to secure the Internet do not come from the top-down government approach imposed by some foreign governments, but from the openness derived by a multi-stakeholder process, says Christopher Painter, America's top cyber diplomat.
The hotline, the communications link established between Washington and Moscow during the Cold War to avert a nuclear war, is being used to warn of potential cyber and environmental crises, the State Department's Christopher Painter says.
As Riverside Medical Center in Illinois prepares for HIPAA Omnibus Rule compliance, it's facing push-back from some business associates about new requirements, says Erik Devine, chief security officer.
After organizations update their policies and procedures to comply with the new breach notification requirements of HIPAA Omnibus, they must thoroughly test their response plans, attorney Ellen Giblin stresses.
A big security mistake medical device vendors make is failing to adequately address that their wireless products will connect to other systems, says security expert Jay Radcliffe, who has reported concerns about insulin pumps to the FDA.
Providing patients with more transparency into who's electronically requesting their health information can not only improve data privacy, but also help patients catch record errors and ID theft, says David Staggs, a participant in a new pilot.
Because state HIEs vary in connectivity and interoperability levels, secure e-mail based on the Direct Project offers a dependable way of sharing patient data during a disaster, says Tia Tinney of the Southeast Region Collaborative for HIT.
Draft legislation circulating in the Senate, if enacted, would serve as Congress' endorsement of President Obama's order to create best practices that industry could voluntarily adopt, says Jacob Olcott, the former counsel to the committee that wrote the bill.
A new incident response publication coming from the National Institute of Standards and Technology will include guidance on how to form circles of trust - networks of IT security experts spanning multiple organizations, says NIST's Lee Badger.