Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
Florida's recent rollout of knowledge-based authentication in the application process for various benefits programs, including Medicaid, is already helping to crack down on ID theft and fraud, says Andrew McClenahan, who heads the effort.
For the next round of HIPAA compliance audits that begins this all, organizations need to prepare documentation that can speak for itself, because unlike the pilot program, there will be no onsite visits, says privacy attorney Adam Greene.
The Office of the National Coordinator for Health IT has unveiled its 10-year plan for achieving an interoperable, nationwide health IT infrastructure. The plan includes privacy and security among five core building blocks.
Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.
The Senate has confirmed Sylvia Mathews Burwell as the next secretary of the Department of Health and Human Services, replacing Kathleen Sebelius, who announced her resignation in the wake of the troubled HealthCare.gov launch.
In the wake of the Heartbleed flaw, a researcher finds new weaknesses in OpenSSL that could be exploited to launch man-in-the-middle attacks, distributed-denial-of-service attacks and remote-code execution on millions of sites.
Although breach prevention may be on the minds of more CEOs and boards of directors in the wake of recent incidents, getting their buy-in for funding still requires educating them on the risks that could have an impact on the business.
There's good news on the Zeus Gameover Trojan and Cryptolocker ransomware campaigns: The number of new infections has become "very low," if not fallen to zero. But related attacks could quickly resurge. Learn the reasons why.
Healthcare organizations should take several key steps to ensure the cybersecurity of medical devices, including "walling off" certain devices from the network, says Rick Comeau of the Center for Internet Security.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
Healthcare organizations using medical devices that run on the Microsoft Windows XP platform, which is no longer supported, need to have short- and long-term strategies to address cybersecurity, says medical device security researcher Kevin Fu.