Although the Office of the National Coordinator for Health IT is reorganizing, it appears privacy and security issues will remain a top priority at the agency. Here are the latest details.
Security experts say a newly reported flaw in open-source authorization services, which has been named Covert Redirect, doesn't appear to pose as big a risk as the Heartbleed bug.
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
Two new surveys highlight that many healthcare organizations have more work to do when it comes to developing a mobile technology strategy and taking adequate security steps.
When a former U.S. president acknowledges that he won't use e-mail to correspond with foreign leaders to avoid snooping by the NSA, you know the image of America as a bastion of freedom - at least online - has dropped a few more notches.
The rise in usage of mobile devices has also come with a commensurate rise in application risk. View this webinar to find out how to make mobile app security a priority and tame the chaos.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.