Multiple hospitals from Hollywood to Germany have been hit recently by ransomware attacks. It's a reminder that no organization is immune to outbreaks of malware that's designed to forcibly encrypt all data stored on PCs and servers.
Federal regulators have issued new guidance to clarify scenarios where HIPAA privacy and security regulation might apply, including for mobile health applications and electronic data exchange. Why are some organizations still so confused?
U.K. police have arrested a teenager on suspicion of having perpetrated a series of high-profile hacks and pranks against senior U.S. officials, including the director of the CIA, plus the recent release of nearly 30,000 DHS and FBI employees' contact details.
When it comes to responding to network security threats, it isn't just a matter of collecting and analyzing data. It's a question of how quickly you can put that data to work in your defenses, says Dan Holden of Arbor Networks.
Several recent health data security incidents - including two at a Florida hospital and another at a Washington state Medicaid agency - illustrate the challenges healthcare organizations face in detecting and preventing insider breaches.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
While 2015 will be remembered as the year of major hacker attacks in the healthcare sector, most of the health data breaches added so far this year to the official federal tally have involved blunders by insiders. That's why infosec pros need to focus on more than just mitigating hacker threats.
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.
In this audio report, hear Homeland Security Assistant Secretary Andy Ozment attempt to assuage concerns raised by some business leaders who fear revealing corporate secrets by participating in cyberthreat information sharing. Others also weigh in on the issues.
The Office of Personnel Management is addressing three cybersecurity deficiencies identified by the agency's inspector general as contributing to a significant data breach, Beth Cobert tells a Senate panel considering her confirmation as the new OPM director.
The trend across industries is that automation results in a drastic reduction of operational job roles, even as it brings in economies of efficiency. What then does automation in security mean for the profession?