Leading this week's industry news roundup, IBM receives a new mobile technology patent, while Tripwire releases a new vulnerability management solution, and Fiserv announces two new anti-fraud solutions.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Security experts agree that the newly-discovered Heartbleed bug is a serious threat, but what are the specific risks, and how can they be mitigated? Thought-leaders offer insights and practical advice.
Security forums and experts are buzzing about the newly discovered Heartbleed bug, which allows anyone on the Internet to read the memory of systems protected by vulnerable versions of OpenSSL software.
Symantec's 2014 Internet Security Threat Report calls 2013 the year of the mega breach. Why? Because it's getting far too easy for the bad guys to pull off these breaches, says Symantec's Kevin Haley.
The workforce of a key information security occupation - computer and network systems administrator - has been experiencing a decline in numbers in recent years, according to an Information Security Media Group analysis of U.S. Labor Department data.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
Paul Egerman and other HIT Policy Committee members approved new recommendations for best practices concerning healthcare providers giving proxy access to patients' electronic health information.
Eight defendants have been charged in an alleged identity theft fraud scheme involving the theft of personal information from a call center for use in unauthorized wire transfers and to obtain payment cards.
Ellen Richey, Visa's chief enterprise risk officer, will offer a keynote address on payments security and fraud prevention at Information Security Media Group's Fraud Summit San Francisco on April 29.
Federal regulators have released a proposed framework for addressing safety risks involved in using healthcare IT, including EHRs and medical devices. The report takes into account that cybersecurity can play a role in ensuring safety.
Starting now, healthcare organizations using Microsoft Windows XP-based medical devices better have short- and long-term strategies to address cybersecurity, says medical device security researcher Kevin Fu.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
