Learn how the partial government shutdown is hampering a wide variety of important Department of Health and Human Services programs, ranging from patient privacy protection to disease outbreak detection.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Hackers allegedly trafficking in personally identifiable data have reportedly breached the computers of three major data aggregators, raising doubts about knowledge-based authentication as a tool to verify identity.
NIST awards a total of $7 million in grants to five organizations to develop and pilot reliable and easy-to-use identity credentials that could help build trust in online commerce and boost the economy.
New federal guidance promotes the use of key privacy and security capabilities in electronic health record systems used by healthcare providers ineligible to participate in the HITECH Act incentive program.
Microsoft touts new security features built into the Windows 8.1 Enterprise operating system. But are they enticing enough to win over organizations that are reluctant to upgrade from older OS versions?
A big security mistake medical device vendors make is failing to adequately address that their wireless products will connect to other systems, says security expert Jay Radcliffe, who has reported concerns about insulin pumps to the FDA.
Angered over the Edward Snowden revelations, DEF CON says the feds should take a 'time-out' from this year's hackers' conference. But a top DHS cybersecurity policymaker says he's still invited to participate in a conclave panel discussion.
Our analysis of U.S. government labor statistics shows a sizable increase in the IT security workforce. But the way the occupation is defined may have as much to do with the increase as the number of jobs themselves.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.