NIST's Ron Ross, in an audio interview, explains new draft guidance that's designed to help technology vendors build secure components that their customers can use to build trustworthy information systems. Ross will be a keynoter at ISMG's Fraud and Breach Prevention Summit in Washington.
The digital banking shift creates great convenience - for the fraudsters, as well as the customers. What can institutions do to reduce their vulnerability to breaches and fraud? Dave Allen of Bottomline Technologies offers advice.
Clinics, laboratories, durable medical equipment suppliers and other smaller healthcare entities need to bolster their breach preparedness as cyberattacks against smaller entities in all sectors continue to multiply, says David Finn of Symantec, who discusses findings from a new report.
Healthcare entities are increasingly in the crosshairs of attackers who seek to cause business disruption. How can threat intelligence bolster cybersecurity defenses? FireEye's Dan McWhorter offers insight and strategies.
Within the next 20 years, quantum computing could be applied to easily crack current approaches to cryptography, according to the National Institute of Standards and Technology, which already is beginning work on new approaches to encryption that can withstand the power of quantum computing.
The Verizon 2016 Data Breach Investigations report finds malware, ransomware and phishing attacks are more common than ever and creating even more damage. Organizations are continuing to get exploited via vulnerabilities that are months or even years old, forensics expert Laurance Dine explains in this interview.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
The most important lesson from the lawsuit electronic health records vendor Epic Systems filed against Tata Consultancy Services is that data security controls must extend beyond protecting personally identifiable information to include intellectual property, attorney Ron Raether explains in this audio report.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
Now, more than ever, managing the risks involved in working with business associates and their subcontractors should be a top priority for healthcare organizations in their efforts to safeguard patient information, says risk management expert Andrew Hicks, who explains why.
"Internet of Things" developers must think about how attackers might attempt to exploit a device, and why, and then write code designed to block such attacks, says Charles Henderson, IBM's global head of security testing and threats.
Only 23 percent of surveyed organizations can respond effectively to a cybersecurity incident. This is among the findings of Solutionary's fourth annual Global Threat Intelligence Report. Researcher Rob Kraus discusses the security gaps.
A federal court's recent rejection of a motion filed by health insurer Anthem Inc. in its attempt to fight a class-action lawsuit in the wake of its massive data breach is important because it upholds the privacy rights of breach victims, says attorney Steven Teppler.
As the threat of malware infections, especially those involving ransomware, grows, organizations need to balance their perimeter-based security practices with an "intrusion tolerance" strategy that helps ensure a quick recovery, says medical device cybersecurity expert Kevin Fu.