The Health Information Trust Alliance is attempting to launch a study, fueled by anonymized data gathered from healthcare organizations, to get a better understanding about the severity and pervasiveness of cyber-attacks in the sector.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Declaring a national emergency over hack attacks, President Obama signed an executive order authorizing the government to impose sanctions on hackers. But information security experts voice questions - and concerns.
Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
Some legal and security experts are questioning the potential effectiveness of President Obama's new executive order that allows the U.S. government to block or seize the assets of individuals suspected of launching significant cyber-attacks
While several experts say two new cyberthreat alerts from the FFIEC are primarily designed to make sure that smaller institutions are mitigating ongoing threats, Shirley Inscoe of Aite says they could also be an indicator of new threats on the horizon.
As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts.
Premera Blue Cross already is facing five class action lawsuits in the wake of its massive data breach. Meanwhile, its CEO has provided some answers to questions posed by a U.S. senator regarding the hacker attack.
Slack Technologies, a tech start-up that offers a group chat tool, announces it's rolling out two-factor authentication after hackers breached a database of user profile information.
The House Intelligence Committee has approved cyberthreat information sharing legislation that its leaders developed. Meanwhile, a national data breach notification bill has been introduced that's modeled on language proposed by the White House.
The proposed rules for Stage 3 of the HITECH Act "meaningful use" electronic health record incentive program come up short on privacy and security. But regulators have time to fix that.
Efforts by some Democratic members of a House subcommittee to amend a national data breach notification bill so that states could retain tougher data security requirements have failed. The measure now advances to a full committee.
Three state insurance commissioners are launching a joint investigation into the cyber-attack against Premera Blue Cross, which exposed personal data of 11 million individuals nationwide. Find out what will be examined.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.