An important lesson from the breach of a White House unclassified network is that organizations should invest in intrusion detection tools, not just perimeter defenses, SANS's Johannes Ullrich says.
Many issuers of chip-based credit cards will likely allow U.S. consumers to complete transactions with a signature, not a PIN, which will limit the fraud protections offered by EMV cards, says Citizen Financial Group's Tim Webb.
As numerous attacks have demonstrated, two-factor authentication systems are not foolproof, says Ryan Lackey, a principal in the security practice at CloudFlare, who offers insights on how today's authentication systems must evolve.
In addition to adopting the right IT security standards to mitigate advance persistent threats, organizations need to pick the right people to carry out those standards, says Jon Long, a featured speaker at ISMG's Global APT Defense Summit on Oct. 22.
More healthcare entities might consider implementing NIST's cybersecurity framework if healthcare-specific guidance on putting the framework to use was available, says Lee Kim of the Healthcare Information and Management Systems Society.
While the security of the HealthCare.gov website has improved, and the next open enrollment for Obamacare will go more smoothly, there's still plenty of work to be done, says Curt Kwak, former CIO of the Washington state health insurance exchange.
"Cybercrime as a service" and the globalization of attacks are two of the trends noted by cyber-intelligence firm Group-IB in its third annual High-Tech Crime Report. Group-IB's Alexander Tushkanov explains the lessons that can be learned.
What advice does the first CISO have for today's security leaders? Steve Katz speaks up on top security threats, how to defend against them and what it takes to lead an effective security team.
Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.
HIPAA attorney Brad Rostolsky expects to see a ramping up of federal investigations concerning the inappropriate sale of protected health information for marketing purposes. Find out why.
In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.
The U.S. government could be a year away from allowing citizens to use the same authentication credentials to get services from multiple departments and agencies, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
The Food and Drug Administration's Suzanne Schwartz, M.D., is on a mission to debunk the myth that medical device manufacturers need FDA approval for software updates or patches to address potential vulnerabilities.
Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.
The development of authentication technologies that could replace the password is "nearing a tipping point," but there's still several years of work to do, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.