One of the biggest misunderstandings about the Heartbleed bug in the healthcare sector is that it only affects websites and Web servers. In fact, medical devices are also at risk for the vulnerability, says security expert Mike Ahmadi.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
Federal regulators have released a proposed framework for addressing safety risks involved in using healthcare IT, including EHRs and medical devices. The report takes into account that cybersecurity can play a role in ensuring safety.
Starting now, healthcare organizations using Microsoft Windows XP-based medical devices better have short- and long-term strategies to address cybersecurity, says medical device security researcher Kevin Fu.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
Speculation surrounding the cause of the disappearance of Malaysia Airlines Flight 370 hasn't included the possibility of a cyber-attack. But one cybersecurity expert contends hacking an airliner is feasible.
Two Stanford University researchers are conducting a study using crowdsourcing to show that the NSA's culling of telephone metadata can reveal a lot about an individual. I joined the crowd to find out what the metadata says about me.