Healthcare organizations remain largely unaware of how the Heartbleed bug affects their sector, thinking that only websites and servers can be infected, when medical devices are still vulnerable as well, says Codenomicon's Mike Ahmadi.
From Neiman Marcus to P.F. Chang's, 2014 has shaped up to be the 'Year of the Data Breach.' What lessons can be gleaned from the trenches of breach investigation? Experian's Michael Bruemmer shares tips.
Microsoft launched a botnet-focused takedown effort that didn't just block small-scale campaigns tied to two pieces of malware, but also resulted in an estimated 4 million legitimate site names being disrupted.
Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game:
What Matters Now.
HIPAA settlements with large financial penalties grab headlines, but the majority of regulatory actions tied to breaches and other HIPAA complaints call for no such penalties. And most complaints are dismissed. Find out why.
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
Taking steps to ensure patient privacy is protected as more records are exchanged among provider organizations will be a top challenge for ONC's next chief privacy officer, says the office's outgoing privacy chief, Joy Pritts.