IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
Federal regulators are offering a hint about which of the pending rules affecting healthcare information privacy and security will be the first to be issued this year.
Does the U.S. government's shuttering of the file-sharing website Megaupload.com show that new laws are not needed to battle intellectual property piracy? Brookings's Allan Friedman believes it does.
The Massachusetts eHealth Collaborative, a non-profit consultancy that experienced a health information breach, learned eight important lessons from the experience, says CEO Micky Tripathi.
Symantec reportedly said a 2006 breach led to the theft of the source code to its flagship Norton security software, reversing its previous position that it had not been hacked.
Security managers need a heads-up from non-IT executives before those executives dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Online shoe and clothing retailer Zappos.com has issued an e-mail alert to more than 24 million customers regarding a newly discovered data breach of an internal network.
Wikipedia.org founder Jimmy Wales pledges to shutter the online encyclopedia from midnight Tuesday to midnight Wednesday to protest anti-piracy legislation before Congress that he contends would threaten Internet freedom if enacted.
Criminal background checks for prospective employees - smart move, or discriminatory practice? Attorney Lester Rosen answers this question and details 2012's top 10 trends in background checks.
Cybersecurity Coordinator Howard Schmidt recognizes the need to battle online piracy to protect U.S. intellectual property but contends legislation before Congress to do just that would unacceptably curtail Internet freedom and increase cybersecurity risks.
People with good analytical backgrounds who understand regulatory compliance are in demand. Their counterparts - defenders of IT systems - will always be in demand.
"We need the tens of thousands that can manage those defenders and then we need 100,000 that are out there learning the trade, that are passionate...
A small health plan in Tennessee is making a big investment in information security, using encryption, secure e-mail and other technologies to help prevent breaches.
Pace University's Seidenberg Cyber Security Institute plans to leverage public-private partnerships - a challenge for educational institutions. How will the institute help the private and public sectors meet their security needs?