Researcher Billy Rios and a partner found password vulnerabilities in 300 medical devices, prompting the Department of Homeland Security to issue a security advisory to device manufacturers, healthcare facilities and users.
The implementation of IPv6, the new Internet communications protocol, will have a major impact on identity and access management. EMC researcher Davi Ottenheimer explains how organizations should prepare.
It's impractical for organizations to ban staff members from using personally owned devices for work or to avoid having a formal BYOD policy, says Peter Swire, a former presidential adviser on privacy issues.
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.
What can U.S. and European organizations learn from Asia-Pac about advanced mobile tech and increasing cyberthreats? That's a question I hope to answer while in Singapore for RSA Conference Asia Pacific 2013.
Healthcare organizations need to assess and mitigate security risks for medical devices just as diligently as they do for other information technology, says Sharon Finney, data security leader at 44-hospital Adventist Health System.
Attacks aimed at mobile devices are progressing much more rapidly than any attacks ever waged against PCs. Organizations are in danger if they don't pay attention, says anti-phishing expert Dave Jevans.