A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
Implementing robust access controls in healthcare settings can be particularly challenging for several reasons. But Fisher-Titus Medical Center is making progress in strengthening authentication and other security controls, says Peter Jacob, the hospital's manager of IT operations.
In the history of data breaches, Cloudflare's recent breach was strikingly unique, in that a software bug caused a random regurgitation of data from server memory. But a postmortem from CEO Matthew Prince should put most people's concerns to rest.
The Department of Health and Human Services is making progress in improving its information security practices, but it still has gaps that put sensitive data at risk for compromise, according to a new watchdog agency report. Experts say those same gaps are pervasive at many healthcare organizations.
For any of the tens of thousands of organization that may be smarting from this week's Amazon Web Services and Simple Storage Solution (S3) outage, take the following advice to heart: "You must kill your darlings."
Federal regulators are considering the role that blockchain technology could play in advancing the secure exchange of healthcare information, says Steve Posnack of the Office of the National Coordinator for Health IT, who explains ongoing research efforts.
Megaupload Founder Kim Dotcom plans to appeal a New Zealand High Court ruling that found him and three colleagues eligible for extradition to the U.S. The four men are charged with profiting by allowing the trade of copyright-protected content on their file-sharing platform.
Because so many healthcare organizations are growing through mergers and acquisitions at a time when cyber threats are multiplying, effective access control is becoming increasingly important - and more complex, says Joe Meyer of the security consulting firm NCC Group.
The uptick of ransomware and other cyberattacks in the healthcare sector has prompted healthcare provider RWJBarnabas Health to make a number of important moves to help prevent, detect and respond to breaches, says CISO Hussein Syed.
At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
The indictment of a former paramedic in a narcotics case calls attention to the potential threats posed by insiders who abuse their access to information systems that support patient treatment.
Leo Scanlon, deputy CISO at the U.S. Department of Health and Human Services, will take a lead role as HHS sharpens its ongoing focus on cybersecurity issues, an effort that will continue under the Trump administration, he explains.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.