Two final rules for the HITECH Act electronic health record incentive program strongly emphasize the value of risk assessments and encryption as measures for safeguarding patient information. Here's an analysis of the details.
One week after the EMV fraud liability shift took effect for U.S. merchants, experts say much more needs to be done to prepare merchants for chargebacks and new socially engineered scams aimed at exploiting consumers.
A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year - from ransomware infections alone - has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
Security on the endpoint took a long time to move away from mere patching, hardening and anti-virus technologies. To fight advanced threats, experts say visibility on endpoints is being transformed by the advent of endpoint detection and response tools.
In this audio blog report, hear why former NSA Director Mike McConnell changed his view on the value of the government getting device manufacturers to create a backdoor to allow law enforcement to bypass encryption.
The Department of Health and Human Services has released final rules for the HITECH Act electronic health record incentive program that address privacy and security issues. HHS has also released its final "interoperability roadmap" designed to guide progress toward health data exchange.
Prosecutors recommended that twin brothers Muneeb and Sohaib Akhter serve a six-year and a two-year sentence, respectively, after pleading guilty to hacking-related charges. But one of the men received a much lighter sentence.
The Court of Justice of the European Union has ruled that the EU-U.S. Safe Harbor data sharing agreement is invalid because the United States has failed to safeguard Europeans' privacy rights. Legal experts say the judgment is a direct response to Edward Snowden's revelations.
BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
Proposed federal legislation calls for testing the use of smart cards, similar to the chip cards being rolled out by the U.S. credit card brands, for Medicare patient identification to help reduce fraud. Kelli Emerick, leader of the Secure ID Coalition, explains the proposal.
Federal regulators have launched a Web portal that provides HIPAA compliance advice for application developers, especially those developing mobile health apps. Some privacy and security experts it's an overdue step in the right direction for companies that need more guidance.
The DHS's inspector general is reopening an investigation into allegations that dozens of Secret Service agents improperly accessed Rep. Jason Chaffetz' unsuccessful application to be a Secret Service agent that he filed before he was elected to Congress. Chaffetz is running to be House speaker.
As a result of Experian's data breach, 15 million T-Mobile subscribers are at risk from phishing attacks and fraud. But it's not clear what more T-Mobile can do to protect breach victims, says security specialist Mark James.
In the wake of the Oct. 1 EMV fraud liability shift date, U.S. merchants can expect to pay for counterfeit fraud losses previously absorbed by European issuers, says Jeremy King of the PCI Council. Longer-term, he expects European banks will experience more fraud as U.S. POS and card security leapfrogs other markets.
Recent breaches indicate that stronger controls are needed to protect key corporate assets - especially identities. CA's Steve Firestone discusses how to protect identities, while at the same time improving the user experience.