Organizations have started achieving PCI compliance, but it's a struggle for many to maintain, says Jen Mack, director of PCI Consulting Services for Verizon.
Ineffective or noncompliant security practices of service providers, the inability of customers to examine controls, the prospect of data leakage and the loss of data if a cloud service is terminated present challenges.
Benjamin Franklin. Thomas Edison. Henry Ford. If there were a Mount Rushmore of great inventors, it wouldn't be out of line to imagine Steve Jobs' face carved into the stone.
Involving all departments in planning for worst-case disasters is one important lesson an emergency manager at Memorial Sloan Kettering Cancer Center in Manhattan learned from Hurricane Irene.
House Republicans issue their cybersecurity legislative agenda that, in many respects, parallels the goals offered by the Obama administration and Senate Democrats, but it definitely has a GOP tinge to it.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
RSA Chief Executive Art Coviello challenged a widespread belief that cybersecurity awareness could curb cyberthreats: "There's no amount of consumer education to make them smart enough to resist attacks. They're just too sophisticated."
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
New guidance from the National Institute of Standards and Technology defines an information security continuous monitoring strategy and shows how organizations can create an information security continuous monitoring program.
"The same American ingenuity that put a man on the moon also created the Internet," President Obama says. "We must now harness that spirit of innovation to ... secure technologies to build a safer, more prosperous future for all Americans."
Federal authorities have hired a contractor to design, develop and test ways to electronically obtain and record patients' consent to exchange their information.
From the earthquake in Japan to Hurricane Irene in the U.S., organizations worldwide have found their business continuity and disaster plans tested. But what lessons must we draw from these incidents?
Ten years after the 9/11 attacks, many organizations still need to do a better job of monitoring their networks for threats, says security specialist Mac McMillan.