Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.
Attorney Helen Oscislawski, a regulatory expert, explains why healthcare organizations must carefully scrutinize their marketing and fundraising policies to prepare for HIPAA compliance.
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.
HIPAA-compliance consultant Bill Miaoulis outlines a number of critical steps that many healthcare organizations fail to take to ensure the security of data on mobile devices.
Eric Chabrow
•
April 30, 2013 8 minutes 25 seconds
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.
When Richard Nealon first sat for his CISSP exam, he was struck by how U.S.-centric the questions were. Since then, he has strived to promote greater awareness of global information security concerns.
Eric Chabrow
•
April 29, 2013 8 minutes, 42 seconds
NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
Although there have not yet been any confirmed reports of financial fraud associated with a major data breach at the Utah Department of Health last year, the potential for costly fraud is huge, contends Al Pascual of Javelin Strategy and Research.
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?
It isn't a staffing shortage that we face, but rather a skills crisis, says Allan Boardman, international vice president of ISACA. How can organizations build the security skills they need to mitigate evolving risks?
Organizations face new cyber-risks from their third-party service providers. But standard contracts fail to cover these risks. Trend Micro's Tom Kellermann discusses the risk management essentials.
As data protection regulations continue to be refined, organizations throughout Europe are more sensitive to privacy restrictions in individual countries, says Dwayne Melancon, CTO of Tripwire.
Distributed-denial-of-service attacks are increasing against European banking institutions. But UK consultant Mark Child says if banks are worried about DDoS, then they have bigger security problems.
Eric Chabrow
•
April 23, 2013 8 Minutes 29 Seconds
Should IT security practitioners be deemed professionals like those in medicine and law? That's not an easy question to answer, says Ronald Sanders, former human capital officer at the U.S. Office of the Director of National Intelligence.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.