To help prevent data breaches involving business associates, healthcare organizations need to develop vendor management programs with razor-sharp requirements, says risk management expert Rocco Grillo.
Letting women make mistakes, as men are allowed to do, could help grow the female IT security workforce from its current level of less than 30 percent. That's a conclusion of a panel of IT security experts assembled by Information Security Media Group.
Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
A critical step in the successful implementation of role-based access control at healthcare organizations is first committing to do time-intensive prep work, says security expert Christopher Paidhrin of PeaceHealth.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
Florida's recent rollout of knowledge-based authentication in the application process for various benefits programs, including Medicaid, is already helping to crack down on ID theft and fraud, says Andrew McClenahan, who heads the effort.
Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.
Healthcare organizations should take several key steps to ensure the cybersecurity of medical devices, including "walling off" certain devices from the network, says Rick Comeau of the Center for Internet Security.
The folks at PricewaterhouseCoopers, after surveying 500 U.S. business, law enforcement and government executives, conclude that the vast majority of cybersecurity programs fall very short of the federal government's cybersecurity framework goals....
Healthcare organizations are becoming a bigger target for cybercriminals because so much more clinical and financial information is now stored in potentially vulnerable information systems, says security expert Mac McMillan.
What does "IT security as a business enabler" mean? For a definition, Gartner's Paul Proctor looks to the way IT managers at a European car maker translate security problems into a language a CEO can understand.