A controversy over the University of Oregon's handling of a student's mental health records is building momentum for reforms in a regulation that allows schools to use, and in some cases disclose, certain education records of students without their consent.
Cybersecurity risks to medical devices will become an even more critical issue for healthcare organizations to address next year because of the need to maintain patient trust, says Rob Potter of Symantec.
What do federal regulators have to say about the current state of health data security and privacy? And what are the top priorities of the new federal point person for HIPAA enforcement? Find out by following our coverage of an HHS/NIST security conference this week.
In the wake of the discovery of the serious Android Stagefright flaws, which affect an estimated 950 million devices, security researchers reveal that they discovered yet another Stagefright flaw - and that Google's initial fix could be exploited.
The recent FDA alert advising healthcare organizations to stop using a line of infusion pumps because of cybersecurity flaws, coupled with earlier guidance from the agency, will lead manufacturers to be more focused on risk management, predicts attorney Anna Spencer.
The outrage directed at Oracle Corp.'s security chief after a recent blog post in which she scolded third parties who scan the company's software looking for security flaws had a familiar ring: Do medical device makers have a similar cybersecurity attitude?
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Numerous services are enabled by default in Microsoft's Windows 10, and as employees connect their BYOD equipment to corporate networks, the cloud, collaboration and location tie-ins could pose enterprise security risks, experts warn.
Akamai's John Ellis talks about the quick evolution of bots and botnets, and how enterprise security leaders should deal with them now using a three-pronged approach - detection, management and mitigation.
New draft guidance from the National Institute of Standards and Technology instructs healthcare providers on critical steps for securing patient data on mobile devices. Nate Lesser, who helped prepare the report, offers an analysis.
When Benjamin Wyrick of VASCO Data Security looks toward 2016, he sees financial institutions embracing new mobile banking apps that are at once convenient and secure. What are the keys to making his vision a reality?
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.