NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
The skills/staffing shortage was top of mind among thought-leaders at the recent Infosecurity Europe event. But what will it take to attract the new faces and skills we need to grow the profession?
The privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act EHR incentive program "dovetail together quite nicely," says federal privacy officer Joy Pritts, who offers compliance tips.
Predictive analysis is an emerging tool being used to identify potential cyberthreats against organizations. But how does the process work? Booz Allen Hamilton's Christopher Ling explains.
NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
Although there have not yet been any confirmed reports of financial fraud associated with a major data breach at the Utah Department of Health last year, the potential for costly fraud is huge, contends Al Pascual of Javelin Strategy and Research.
When Richard Nealon first sat for his CISSP exam, he was struck by how U.S.-centric the questions were. Since then, he has strived to promote greater awareness of global information security concerns.
Accountable care organizations face complex data security and privacy issues as patient information is accessed and shared among many providers, says security expert Bill Fox.
CISO Mark Olson of Beth Israel Deaconess Medical Center offers detailed insights on the specific steps that medical device manufacturers can take to help ensure data security.
A Senate panel approved a bill to strengthen e-mail privacy protections despite concerns expressed by the head of the Securities and Exchange Commission that the legislation could hinder investigations.
The Department of Health and Human Services is preparing guidance designed to assist healthcare providers and business associates in complying with the HIPAA Omnibus Rule.
Organizations face new cyber-risks from their third-party service providers. But standard contracts fail to cover these risks. Trend Micro's Tom Kellermann discusses the risk management essentials.
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?
It isn't a staffing shortage that we face, but rather a skills crisis, says Allan Boardman, international vice president of ISACA. How can organizations build the security skills they need to mitigate evolving risks?
Imagine this: A lewd picture of Anthony Weiner is sent from his Twitter account, and he claims his account was compromised, and that a hacker sent the image. Would you believe him?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
