Organizations create more data than ever, and they face more requirements to collect and present it for investigations and legal cases. How do they avoid spoiling this data? Zapproved's Sarah Thompson offers tips.
Many organizations spin their wheels when it comes to cybersecurity, says IBM's Andy Land. They invest in tools that do everything except what security leaders are fundamentally tasked with doing: Protect the data.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
Apple is moving to contain an outbreak of malicious apps being distributed via its official App Store that were infected with XcodeGhost malware. Hundreds of apps and millions of users were reportedly infected.
Building better relationships between organizations' privacy and security teams and the workforce, as well as between covered entities and their business associates, is essential to improving patient data security. That was a key theme at last week's Healthcare Information Security Summit in San Francisco.
Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
The insider threat is one that organizations often want to overlook. But it's hard to ignore when they are losing critical assets. Lockheed Martin's Douglas Thomas tells how to sell an insider threat program.
While covered entities and business associates are becoming more aware of the need to encrypt patient data at rest, they often overlook securing data as it's shared and received, says security expert Joe Meyer of Coalfire.
The human element has been referred to as the weakest link in the security chain. Do advances in applying analytics to human behavior hold the key to reducing risks?
Pediatric hospitals face an assortment of ID and access management challenges when managing Web portals that provide access to patient data, says Cris Ewell, CISO at Seattle Children's Hospital.
Sutter Health's revelation that a former employee inappropriately sent patient information to a personal email account in violation of the organization's policy is yet another reminder of the privacy risks posed by email communication.
The U.S. payments infrastructure will come up far short of completing the rollout of EMV technology by the Oct. 1 fraud liability shift date. Experts say high costs, a perceived lack of consumer demand and doubts about EMV's ability to significantly reduce card fraud are to blame.
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.
Adjusting risk management strategies in the aftermath of the newly discovered hacker attack on Excellus BlueCross BlueShield, as well as other recent massive cyber-attacks, will be among the hot topics discussed at the Healthcare Information Security Summit in San Francisco on Sept. 17.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.