Warning: Too many voice over IP devices being used in enterprise environments have well-known default passwords or no security at all, thus leaving organizations at risk from covert surveillance and toll-fraud scammers, experts say.
The U.S. and U.K. government push to "backdoor" strong crypto - used to secure everything from online banking and e-commerce to patient health records and consumer communications - wouldn't stop most criminals or terrorists, researchers warn.
Federal regulators have issued new guidance to clarify scenarios where HIPAA privacy and security regulation might apply, including for mobile health applications and electronic data exchange. Why are some organizations still so confused?
When it comes to medical device security, healthcare organizations need to make some bold moves to improve the cybersecurity of devices used in their environments, says medical device cybersecurity expert Stephen Grimes. He'll be a featured speaker at the HIMSS 2016 Conference.
U.K. police have arrested a teenager on suspicion of having perpetrated a series of high-profile hacks and pranks against senior U.S. officials, including the director of the CIA, plus the recent release of nearly 30,000 DHS and FBI employees' contact details.
When it comes to responding to network security threats, it isn't just a matter of collecting and analyzing data. It's a question of how quickly you can put that data to work in your defenses, says Dan Holden of Arbor Networks.
Several recent health data security incidents - including two at a Florida hospital and another at a Washington state Medicaid agency - illustrate the challenges healthcare organizations face in detecting and preventing insider breaches.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
The Obama administration's proposed fiscal 2017 budget yet again seeks additional funding for the long overdue HIPAA compliance audit program and a variety of other health data privacy and security efforts. But will Congress approve spending increases?
It's the 25th anniversary of the RSA Conference. What's planned for this year's landmark security event? Britta Glade, senior content manager for the conference, and Informatica CISO Bill Burns offer a preview of the RSA Conference 2016 in San Francisco.
Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.
Why should CISOs not report to CIOs? And why do CISOs need more direct lines of communication with CFOs? Chris Pierson, a cybersecurity attorney and CISO who'll be a speaker at RSA Conference 2016, provides answers.
While 2015 will be remembered as the year of major hacker attacks in the healthcare sector, most of the health data breaches added so far this year to the official federal tally have involved blunders by insiders. That's why infosec pros need to focus on more than just mitigating hacker threats.
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.