Ronald Sanders says it isn't easy to answer the question of whether the information security field should be professionalized. The former human capital officer at the Office of the Director of National Intelligence explains why.
Getting buy-in for information security spending from those who hold the purse strings can be tricky unless risks are properly assessed and articulated. See how some healthcare security leaders tackle the budget challenge.
From a risk-management perspective, Bloomberg didn't consider its reputation when it allowed its reporters to track the log activity of Bloomberg Terminal customers.
If healthcare providers rely on the Direct protocol to meet HITECH Act Stage 2 data exchange requirements, how will that affect the fate of health information exchange organizations? Find out what some HIE experts think.
CERT Technical Manager Dawn Cappelli tells a tale of how three individuals, who unexpectedly quit their jobs at a law firm, used a free cloud service to sabotage files containing proprietary client information from their former employer.
Security specialist David Newell outlines common pitfalls healthcare organizations need to avoid when conducting a risk analysis - such as focusing on an insufficient, narrow HIPAA compliance assessment.
A key difference between state-sponsored espionage and organized criminals or hacktivists is the level of persistence and determination to break through defenses. Here's advice from security experts on defending against nation-state attacks.
Nations that have ratified international cyber-agreements and have a higher concentration of technology tend to reduce cyber-risks more than others, explains Microsoft's Paul Nicholas.
The biggest lesson banking institutions can learn from this week's reported $45 million global cyberheist: Old attacks always return. Learn why thwarting these coordinated fraud schemes is challenging.
Business associates have new obligations under the HIPAA Omnibus Rule. What key compliance steps do they need to take? An expert on healthcare security and regulatory issues provides answers.
Payment data and personal information are both attractive targets for criminals, says breach investigator Erin Nealy Cox of forensics firm Stroz Friedberg. Learn why she says card data isn't the only lucrative target.
Cloud computing providers must step up and develop approaches to prevent their employees from stealing or harming customer data they host, say two experts from Carnegie Mellon University's CERT Insider Threat Center.
Unless they earn patients' and providers' trust, healthcare information exchanges are destined to fail. That's why it's essential to tackle key privacy and security issues right away.
A recent spear-phishing attack involving a Trojan designed to target Android devices offers an important reminder of the emerging threat of mobile malware, says Kaspersky Lab researcher Kurt Baumgartner.
Federal advisers will refine recommendations for how patient privacy can be protected when records are queried by clinicians through health information exchanges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
