The OPM breach is not just the biggest in U.S. government history. It's also likely a classic case of third-party risk management, says Jacob Olcott of BitSight Technologies. What are the key lessons to be learned?
Healthcare CIOs are lobbying for the creation of a unique national patient identifier to facilitate secure national health information exchange. Leslie Krigstein of the College of Healthcare Information Management Executives explains the initiative.
The healthcare sector lags behind the financial sector when it comes to the maturity of vendor risk management programs, a new study confirms. Risk management experts Rocco Grillo and Gary Roboff analyze the work yet to be done.
OpenDNS's Andrew Hay sees danger confronting many enterprises in the era of the "Internet of Things" as Internet-ready consumer devices, not architected for security, find their way onto corporate networks, often unbeknown to administrators.
The new chief executive of the Center for Internet Security, which operates the Multistate Information Sharing and Analysis Center, sees mutual cooperation among enterprises as a way for organizations with limited staff to address critical IT security problems.
The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.
As healthcare entities embrace consumer wearable health devices, it's critical to carefully weigh patient benefits against the security and privacy risks. Michael Ash, M.D., of Nebraska Medicine shares advice.
Organizations that want to protect sensitive data first need to know where it is. But outside of military and government realms, few employees know how to manually classify data, or have an incentive to do so, says TITUS CTO Stephane Charbonneau.
With the rise in awareness of visual security threats and the advent of open-plan office environments, protecting data inside the organization is a growing concern, says Ben Rooney, a marketing executive at 3M.
In this audio report on a Senate hearing, the federal CIO justifies his backing of Office of Personnel Management Director Katherine Archuleta as she defends retaining a contractor whose stolen credentials may have led to the breach.
Listen to an audio report on a House hearing where key federal lawmakers explain why Katherine Archuleta should be fired as Office of Personnel Management director in the wake of what could be the largest government breach ever.
The 'Cybersecurity Domino Effect' is a new term to describe the cumulative impact of multiple data breaches. How should organizations and individuals respond? Michael Bruemmer of Experian offers guidance.