Security firm Imperva had the opportunity to watch a hacktivist attack play out. Learn what the three phases of the attack were and how it was stopped.
Federal authorities are seeking comments on plans for voluntary national standards, including privacy and security guidelines, for health information exchanges. Their announcement poses 66 questions.
When breaches occur, most organizations struggle to collect the right data and get investigations off the ground. How can breach response improve? Verizon's Chris Novak offers expert advice.
A new guide from federal regulators on key privacy and security issues to address when adopting electronic health records is valuable. But additional guidance on risk assessments and other issues is needed.
Federal regulators have received hundreds of comments about proposed rules for Stage 2 of the HITECH Act EHR incentive program, sparking debate on many issues, including how to provide patients with prompt, secure access to their records.
The Department of Health and Human Services' Office of the National Coordinator for Health IT has published an in-depth guide to keeping health information private and secure.
Many organizations realize they are at risk of insider attacks. But do they have evidence and capabilities to respond to these risks? That's the real challenge, says researcher Larry Ponemon.
The lack of common definitions, understandings and approaches among countries may hamper international cooperation on cybersecurity, a need acknowledged by most countries.
Who is more likely to commit fraud in your organization - the newly-hired youngster or the long-tenured veteran? The ACFE's new 2012 Global Fraud Study profiles the top fraudsters and their schemes.
Americans express a bit less anxiety about their security than they felt a year ago, perhaps because they've become desensitized by extensive news reports about cyberattacks last spring, says Unisys' Steve Vinsik.
Application security is driving demand for highly skilled consultants. It's a challenging profession, and I've broken out five key skills that will distinguish you in the field.
It takes time and trust in order to develop health information exchanges, says IDC's Lynne Dunbrack. So how should HIE stakeholders approach such a project? Dunbrack offers three best practices.
The social network Myspace has settled with the Federal Trade Commission over misrepresenting its privacy policies by sharing personally identifiable information with advertisers without first getting permission from users.
Even with security information and event management systems, organizations labor to separate normal log data from actionable events, according to the latest Log and Event Management Survey from the SANS Institute.
Organizations often do not detect intrusions until after they've been compromised, says Rob Lee of SANS Institute. So how should they improve their incident-response posture? Lee offers three tips.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
