Georgia Tech researchers are working on a way to profile devices along the supply chain to identify whether they've been compromised, says Paul Royal, associate director of the Georgia Tech Information Security Center.
The healthcare industry must delicately balance the need to keep medical devices secure with the need to protect patient safety, says Michael McNeil, global security and privacy leader at Medtronic, a device manufacturer.
The Department of Health and Human Services has issued a proposal that aims to remove legal barriers under the HIPAA Privacy Rule that may prevent state agencies from reporting mental health information used for gun background checks.
Training that's designed to help workers avoid clicking on links from spear-phishing e-mails may be ineffective because employees often fail to read training materials, says Eric Johnson, a Vanderbilt University professor who's co-author of a new study on the subject.
As a result of high-profile breaches, such as the Target incident, security is increasingly a board issue. What are the key topics security leaders should prepare to discuss in 2014? Alan Brill of Kroll offers his forecast.
Buried deep within a 308-page report from a presidential panel on ways to tighten federal surveillance and IT security programs are important recommendations on how to mitigate the insider threat at federal agencies.