John Pritchard, a health system security manager with extensive experience in other industries, says it's time for healthcare to apply lessons learned in other business sectors, including banking.
Highly publicized breaches at Facebook, Twitter, the New York Times and other organizations in recent weeks suggest there's a new normal in the cyberthreat arena. But the onetime head of U.S. CERT, Mischel Kwon, doesn't think so.
Malware, DDoS and mobile security aside, one of the biggest risks is organizations' lack of visibility into specific threats. Don Gray of Solutionary explains the need for actionable threat intelligence.
Organizations allowing BYOD often need to strike a balance between technology, convenience and policy enforcement. A roundtable of security experts offers insights on navigating the mobile landscape.
DHS's Bruce McConnell sees a cybersecurity framework in which the owners of critical infrastructure promise the American people they guarantee a specific level of service in the face of cyber-attacks.
Even the brightest technologists aren't immune from cyber-attacks. Just ask Facebook. The social-media company says it fell victim to a sophisticated attack in which an exploit allowed malware to be installed on employees' laptops.
As a result of the HIPAA Omnibus Rule, which broadens the number of organizations that must meet privacy and security requirements, demand for infosec pros in healthcare is higher than ever. Where is the greatest need?
The Citadel banking Trojan is now a threat to multiple sectors. And new research suggests improved monitoring is essential for the protection of critical systems and intellectual property.
The Office of the National Coordinator for Health IT is gearing up to release its first installment of voluntary health information exchange guidelines. Find out the timeline for this and related projects.
Roger Baker, CIO at the Department of Veterans Affairs, announced to his staff on Feb. 15 that he's resigning. Baker led a number of projects that dealt with security issues, including a breach prevention initiative.
Organizations typically secure data where it resides and is transmitted. Data-centric security strategies focus on securing the data itself. Mark Bower of Voltage Security explains.
Security and IT leaders, including John Halamka, are calling attention to the difficulty of complying with a HIPAA Omnibus provision about not passing along certain patient information to insurers. What are their concerns?
The call for an overarching federal cybersecurity strategy comes in the wake of findings from U.S.-CERT that federal agencies reported a nearly eight-fold increase in cyber-incidents over seven years.
Healthcare organizations that allow staff members to use personally owned mobile devices for work-related purposes need to first develop a policy outlining the rules of the road, says federal privacy adviser Kathryn Marchesini.
In this week's breach roundup, read about the latest incidents, including an ID theft case at a Florida health department, and a security technology vendor hit by a breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
