Several healthcare associations have raised concerns about some of the privacy and security components of the Office of the National Coordinator for Health IT's proposed 10-year electronic health record interoperability roadmap.
Some merchants want to postpone the EMV-related fraud liability shift, which major card brands have slated for October. But Randy Vanderhoof of the EMV Migration Forum sees "no reason to move the date."
We all know that breaches and cybersecurity are topics of boardroom discussion. But how should security leaders present them to their boards? Jim Anderson of BAE Systems Applied Intelligence offers tips.
The RSA Conference is nearly a quarter-century old. What is the legacy of this event, and how is it flourishing in new geographic regions? Art Coviello, former chairman of RSA, reflects on the event's impact.
DDoS attacks are easy to launch yet difficult to defend against. Margee Abrams of Neustar discusses the state of DDoS and how organizations can best defend against today's potentially damaging attacks.
RSA Conference 2015 is expected to be the biggest gathering in the event's history. What's new at this year's event, and how can attendees get the most out of it? Program chair Hugh Thompson shares tips.
The Health Information Trust Alliance is attempting to launch a study, fueled by anonymized data gathered from healthcare organizations, to get a better understanding about the severity and pervasiveness of cyber-attacks in the sector.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The privacy profession is evolving rapidly, and security leaders increasingly need to understand the unique demands and responsibilities that come with protecting privacy. But where do they gain this insight?
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
The cybersecurity framework, the package of best IT security practices issued in mid-February, isn't set in stone, but will evolve in the coming weeks, months and years, says the framework's point man, Adam Sedgewick.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.