The bill's chief sponsor says agencies struggle with cyberthreats. "This update to FISMA will incorporate the last decade of technological innovation, while also addressing FISMA shortcomings realized over the past years," Rep. Darrell Issa says.
From managers who steal to innocent employees who are duped, the insider threat is evolving. Researchers Dawn Cappelli and Randy Trzeciak share their latest insight on malicious and accidental insider risks.
Healthcare organizations signing new deals with vendors, including many cloud services providers, must make sure that their business associate agreements reflect the new HIPAA Omnibus Rule's requirements.
The Medical Device Innovation, Safety and Security Consortium is developing a tool to help providers select medical devices based, in part, on their security attributes, says Dale Nordenberg, M.D., executive director.
Most people will remember March 13, 2013, as the day Cardinal Jorge Bergoglio ascended to the papacy as Pope Francis. But for those who consider cybersecurity vital for society's well-being, it's an historic date as well.
The Privacy and Security Tiger Team, which advises federal regulators, is tackling the issues involved in the exchange of patient information among healthcare providers using the query and response method.
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
Cyber Command Commander Gen. Keith Alexander tells a Senate panel that it's vital that Congress enact legislation giving the nation's critical infrastructure owners liability protection so they can share cyberthreat information with the government.
Mobility and privacy: Increasingly, organizations are forced to take actions on these topics. What are the latest legal and regulatory trends? Attorneys David Navetta and Ronald Raether share insights.
How are business associates affected by the HIPAA Omnibus Rule? Susan McAndrew of the HHS Office for Civil Rights outlines the relevant provisions and offers compliance advice to covered entities and their partners.
As distributed-denial-of-service attacks on banks continue, a U.S. electric utility also reportedly is a DDoS victim. Is this a sign that hacktivists are broadening their targets? Experts offer analysis.