Information risk management expert Ron Ross is evangelizing a new way to secure IT that adopts an engineering approach to build trustworthy and resilient information systems.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
Several recent data breaches involving email mishaps serve as a reminder of precautions that healthcare entities must take with protected health information contained in digital communications that are sent or received by their organizations.
The ruling to dismiss the FTC's data security case against medical lab LabMD will result in FTC staff more carefully vetting the enforcement cases the agency pursues against all other companies in the future, predicts former FTC attorney Reed Freeman.
A messy legal saga between the FTC and LabMD, related to a data security dispute, appears closer to ending with a significant win for the medical testing lab. What comes next in this hotly-contested case?
The terrorist attacks in Paris likely would have occurred even if intelligence and law enforcement agencies could have broken encryption Islamic State attackers used in their communications to plan the assault that killed at least 129 people.
In the wake of the Paris attacks, cybersecurity expert Brian Honan argues that now is not the time to make snap public policy decisions that attempt to promote or restrict either cryptography or surveillance.
The Irish Reporting and Information Security Service's IRISSCON Cyber Crime Conference is due to touch on DDoS, fraud, breach response, malware, social engineering, the Paris terror attacks and more.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
Flaws highlighted by researchers at Black Hat Europe could be used to bypass self-encrypting drives' crypto, defeat Windows BitLocker, fool self-driving cars, mess with oil and gas ERP systems and more.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
As the Department of Health and Human Services gears up for its second round of HIPAA compliance audits, the focus will shift to using these audits for potential enforcement actions, including financial settlements, predicts attorney Anna Spencer.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
The continuous integration tools that many software developers rely on are often misconfigured or lack security controls, thus putting code at risk, security expert Nikhil Mittal claims at Black Hat Europe.
Because hackers often find a way to stick around or repeat their network intrusions after remediation efforts are completed, organizations need to ramp up their "continuous detection" efforts, says security expert Wendi Whitmore of CrowdStrike.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
