The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
Security experts agree that the newly-discovered Heartbleed bug is a serious threat, but what are the specific risks, and how can they be mitigated? Thought-leaders offer insights and practical advice.
New revelations that the NSA meddled with RSA encryption tools is raising concerns about the security of offerings not only from RSA, but other security product vendors, too.
Fandango and Credit Karma have reached settlements with the FTC on charges that they failed to secure the transmission of millions of consumers' sensitive personal information from their mobile apps.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
MasterCard and Visa have announced the formation of a cross-industry group that will work on improving U.S. payment security by advancing migration to chip cards as well as point-to-point encryption.
As organizations expand their use of encryption to help prevent breaches, they must improve their management of cryptographic keys, says Prakash Panjwani, senior vice president at SafeNet.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
RSA 2014 is hosted across the street from a Target store. Which is only fitting because the Target retail breach arose in many discussions during day one of the annual security conference.
Because of concerns of possible National Security Agency meddling with its cryptographic standards, NIST has issued a draft report proposing revisions in how it develops cryptographic standards.
The ongoing epidemic of health data breaches involving unencrypted laptops demonstrates why many healthcare organizations need to conduct more meaningful risk assessments, says security expert Dan Berger.
Encryption gaps in retail payment card transactions were highlighted at a Congressional hearing that examined security failures in the aftermath of malware attacks against point-of-sale systems at Target and Neiman Marcus.
Kaiser Foundation Health Plan has reached a settlement with the California attorney general over its response to an unusual breach of employees' personal information that occurred in 2011.
While details surrounding a suspected breach at Michaels remain unclear, two U.S. card issuers say they believe the retailer was targeted by point-of-sale malware similar to what compromised Target and Neiman Marcus.
President Obama faces a dilemma in deciding whether to prohibit the National Security Agency from tinkering with encryption as one way to collect intelligence data from adversaries who threaten to harm America.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.