When it comes to threat detection, spotting malicious insiders is one thing. They often leave a trail. But how do you protect against the accidental insider threat? Mike Siegel, VP of Products at Forcepoint, shares strategy and solutions.
In 2016, the healthcare sector faces a variety of complex legislative and regulatory issues, especially those tied to patient privacy, says attorney Kirk Nahra. For example, new rules could emerge covering the use of patient data in research.
A team of cryptographers has found that the random-number generator Dual_EC - known to have been backdoored by the NSA - was added to Juniper's ScreenOS firmware around 2008 and is still present, although the networking giant has promised to soon replace it.
The primary mission of the new Global Cyber Alliance is to identify measurable ways to mitigate cyberthreats facing the public and private sectors, says Phil Reitlinger, a former DHS official and Sony CISO, who heads the new group.
HealthcareInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way healthcare organizations approach information security and privacy.
To help remove perceived obstacles, federal regulators have issued new guidance on patients' rights under HIPAA to access their health records. Find out what the guidance says about the use of unencrypted email and other key issues.
The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
While DDoS attacks were once deemed primarily a nuisance, experts now say they're becoming a routine strategy cybercriminals use as part of a campaign to commit fraud or extortion. What are the four key attack trends to watch out for in 2016?
Today's enterprise infrastructure is full of blind spots that can hide malicious threats, and traditional security tools struggle to scale up to meet increased demands. How must security leaders respond? Amrit Williams of CloudPassage shares insight.
Slamming a Ukrainian energy provider for recently falling victim to a spear-phishing email and Excel macro attack might be easy. But security experts recommend all organizations use the incident to ensure they won't fall victim to copycat attacks.
After a data breach, how can organizations cooperate with law enforcement without increasing the likelihood they'll face civil lawsuits? By sticking to the basic facts, says T.C. Spencer Pryor, partner at the law firm Alston & Bird, in this video interview.
Attorney Kevin McGinty analyzes the potential impact of a Massachusetts judge's unusual decision to allow a class-action lawsuit stemming from a health data breach to proceed, despite a lack of evidence of harm stemming from the incident.