If presidential candidates don't have the technical know-how to take an educated stand on whether tech companies should provide the government with a backdoor to encryption, how can we judge if they'll make the right choice if they get elected?
Proposed HIPAA Privacy Rule changes in pending federal legislation could lead to elimination of the requirement to de-identify patient data that's used for research purposes, raising questions about whether that data will be at a higher risk for breaches, warns data de-identification expert Khaled El Emam.
New proposed FDA cybersecurity guidance is an important step in getting medical device manufacturers more focused on the risks posed by their products as they're used in healthcare settings, security experts say.
Casino operator Affinity Gaming has sued incident response firm Trustwave, alleging that the firm failed to fully eradicate and "contain" the 2013 data breach and payment card malware outbreak that it was hired to remediate.
Cryptocurrency exchange Cryptsy has revealed that it suffered a 2014 hack attack that now leaves it insolvent. The exchange is appealing to its attacker to return the stolen bitcoins, worth $5 million today - no questions asked.
The FBI is investigating the point-of-sale malware breach at hotel chain Hyatt, which says related infections stretched for four months and affected 250 hotels worldwide. But Hyatt has yet to reveal how many customers or payment cards were compromised - or how attackers got in.
If federal regulators pull the plug on the HITECH Act's "meaningful use" incentive program for electronic health records, they must devise bold new ways to help ensure that data stored in EHR systems is secure.
Microsoft has patched a new, critical remote code execution vulnerability affecting all versions of Internet Explorer, but it's now only supporting and patching IE 11 and Edge. Potentially, several hundred million users of old IE versions are now at risk.
Tracing bitcoin transactions, some security experts suspect multiple gangs have each amassed more than $1 billion, making them the equivalent of "unicorns" - a term venture capitalists apply to extremely successful startup firms. In case there was any doubt, cybercrime really does pay.
Reliable data specifying the number of people employed in the United States in cybersecurity field is hard to find. But one government survey shows a 5 percent increase among information security analysts in 2015.
A federal official's comments this week that the government is "ending" the HITECH Act's "meaningful use" incentive program for electronic health records is raising numerous questions, including what's next for health data privacy and security regulations.
Networking vendor Fortinet refutes a researcher's assertions that there is an SSH "backdoor" in the FortiOS firmware that runs its devices. Many experts say that while the patched flaw looks unintentional, it might still serve as a backdoor.
The discovery of a serious remote code execution flaw in Trend Micro's consumer security software - now patched - is a reminder that even security software has code-level flaws. But shouldn't security vendors be held to a higher standard than others?