Owners of critical infrastructure might be shamed into providing the necessary security to safeguard their information assets. That's one takeaway of a compromise Senate bill proposed by Democrat Sheldon Whitehouse and Republican Jon Kyl.
An Obama administration memo, issued by U.S. Special Counsel Carolyn Lerner, cautions federal agencies that interfering with e-mails used by government employees to unveil misconduct could be unlawful.
The initial 20 HIPAA compliance audits found that more organizations had trouble with security compliance than privacy compliance, an analysis by federal officials shows. Learn about the other findings.
"This is about preparing the battlefield for another type of covert action," a former high-ranking U.S. intelligence official says. "Cyber collection against the Iranian program is way further down the road than this."
LinkedIn's failure to comply with long standing industry standard encryption protocols jeopardized its users' PII, and diminished the value of the services, the class action federal lawsuit filed in northern California says.
Brokers and insurers have upped their marketing efforts to get enterprises to purchase cyber insurance, even though policies could be risky for sellers and buyers. See 10 considerations you should mull before buying cyber insurance.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
Memorial Sloan-Kettering Cancer Center in New York is notifying 880 patients that some of their personal information may have been exposed when it was inadvertently embedded in PowerPoint charts posted on two websites.