The hacking of the State Department's unclassified systems, revealed over the weekend, and a similar incident involving a White House network, unveiled last month, are linked, an official says.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
The Walgreens case is the second state court ruling in recent weeks that calls attention to how incidents involving alleged patient privacy violations can lead to negligence lawsuits that invoke HIPAA as a benchmark.
The stiff sentence of a cybercriminal for his role in an Internet-based scheme that trafficked in hacked payment card sends a strong message about the serious nature of ID theft. But experts say more tough sentences are needed to deter fraudsters.
The State Department shuttered its unclassified e-mail system over the weekend as a result of a suspected hack, reportedly the same breach that the White House last month said hit its computer system.
From PCs to tablets to smartphones, customers enter institutions from all electronic angles. And these new banking habits put new strains on traditional IT infrastructure. How can banks ensure security?
Brendan Hannigan became IBM's top security systems executive in 2011, when Big Blue acquired the company he ran, Q1 Labs. Hannigan says acquisitions will remain a key component in the growth of IBM's security business.
A Connecticut Supreme Court ruling paving the way for a case involving accusations of negligence stemming from an alleged violation of HIPAA privacy standards could potentially have an impact on data breach cases, the plaintiff's attorney says.
Leading this week's industry news roundup, Microsoft acquires Aorato to expand its threat visibility solutions, while Alert Logic introduces its new cloud-based security and compliance suite.
The loss of a server at a Visionworks optical wear retail store in Maryland offers a reminder not only of the importance of encryption but also the value of good inventory management and data disposal practices.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
To protect against medical ID theft and fraud, healthcare organizations need to build comprehensive security programs that go beyond just putting their "finger in the dike," says security expert Mark Ford of Deloitte.
A top-flight IT security team requires individuals with know-how in a wide range of non-technology disciplines, in addition to those with technical expertise, cybersecurity leaders say.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
"It's a tough conversation, telling [clients] they've spent a lot of money on defense-in-depth that isn't working," says FireEye CEO David DeWalt. "If they don't change, they're risking their company."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
