Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
About two weeks before health insurance exchanges open for business under healthcare reform, an exchange in Minnesota already is reporting a data breach. Find out about the incident and the investigation.
OpUSA's planned Sept. 11 DDoS against U.S. banks and governmental agencies proved to be uneventful, experts say. But they warn that other potential attacks, especially those with a Syria connection, could prove to be far more serious.
Federal authorities are warning banking institutions and government agencies about a wave of DDoS attacks that could strike on 9/11. Learn what steps the FBI suggests should be taken to mitigate the threat.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
Iris scanning is becoming old hat for authenticating individuals entering secured facilities or crossing international borders, but it remains several years away for use in providing access to IT systems.
If your organization's leadership has been lukewarm to funding information security efforts, it's time to turn up the heat before you end up in hot water with federal regulators enforcing the HIPAA Omnibus Rule.
A final rule spelling out requirements for state health insurance exchanges drops a proposed requirement that breaches must be reported within an hour of discovery, relying on language in contracts instead.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.