The manufacturers of wearable health devices should incorporate key privacy and security best practices into the R&D of their products, says privacy advocate Michelle De Mooy of the Center for Democracy & Technology, who describes recommendations in a new study.
In today's rapidly changing cyber threat environment, the federal government needs to take a lead role in making sure mobile device security is adequate, says security researcher Stephen Cobb, who analyzes ongoing investigations by the FTC and FCC in this audio interview.
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.
With hack attacks continuing against banks, SWIFT must follow in the footsteps of other vendors - notably Microsoft - and begin offering detailed, prescriptive security guidance to its users, says Doug Gourlay of Skyport Systems.
The $940 billion compensation awarded to Epic Systems in its case against Indian IT major TCS is unprecedented - shaking the industry out of its complacency to information security. Cyber law expert "Naavi" takes a close look at the implications for India.
There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Breaches in the healthcare sector are continuing to surge, in part, because cybercriminals are building big data resources that can be used to fuel fraud, security experts Larry Ponemon and Rick Kam say in an audio interview discussing findings of a new Ponemon Institute report.
It's one thing to talk or even plan about "What happens if we are breached?" It's quite another to undertake a true breach exercise. What are the critical elements of such a drill? Author Regina Phelps shares advice from her new book.
The emerging threats posed by cybercrime and evolving banking services, including mobile banking, will be among the focal points of a keynote address by the Information Security Forum's Steve Durbin at ISMG's Fraud & Breach Prevention Summit in Washington May 17-18.
The HHS Office of Civil Rights is gearing up for round two of HIPAA compliance audits. What should security leaders expect, and how should they prepare? David Holtzman of CynergisTek and Geoff Bibby of Zix offer insights and advice.
With today's multi-layered attack surface, traditional vulnerability management no longer suffices. Security leaders must embrace a new strategy to help identify and secure true assets at risk. Gautam Aggarwal of Bay Dynamics explains how.
Establishing new laws and regulations to address privacy and cybersecurity concerns related to the Internet of Things would likely be ineffective, attorney Steven Teppler, who co-chairs an American Bar Association IoT committee, says in an audio interview.
NIST's Ron Ross, in an audio interview, explains new draft guidance that's designed to help technology vendors build secure components that their customers can use to build trustworthy information systems. Ross will be a keynoter at ISMG's Fraud and Breach Prevention Summit in Washington.
The digital banking shift creates great convenience - for the fraudsters, as well as the customers. What can institutions do to reduce their vulnerability to breaches and fraud? Dave Allen of Bottomline Technologies offers advice.
Clinics, laboratories, durable medical equipment suppliers and other smaller healthcare entities need to bolster their breach preparedness as cyberattacks against smaller entities in all sectors continue to multiply, says David Finn of Symantec, who discusses findings from a new report.