Healthcare organizations can learn a lesson from communication missteps in the banking sector. Banks struck by DDoS attacks are missing an opportunity to educate customers about cybersecurity, says Gregory Nowak of the Information Security Forum.
NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
The federal government has unveiled five pilot projects, including two that involve healthcare, that, if successful, could help build trust in online commerce and boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.
Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.
To address the security and privacy challenges magnified by the velocity, volume and variety of big data, the Cloud Security Alliance has formed a big data working group. What are the group's objectives?
What's the best way to prepare to comply with HITECH Stage 2 privacy and security requirements? Federal privacy officer Joy Pritts advises healthcare organizations to start by conducting a thorough risk assessment.