It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
The idea of the U.S. federal government and industry jointly developing IT security best practices will do little to help critical infrastructure operators defend against cyber-risk, says Business Roundtable Vice President Liz Gasster.
As part of the Obama adminstration's gun control efforts, HHS is reminding healthcare providers that HIPAA allows them to disclose patient health information to law enforcement if they believe the patient is a danger to themselves or to others.
Banking institutions have spent the last two years enhancing authentication to conform to regulatory mandates. Organizations in other sectors can learn important authentication lessons from the banking industry.
The failure to pass privacy legislation in the U.S. hasn't stopped regulatory agencies from taking matters into their own hands - a pattern that will continue throughout 2013, says a panel of attorneys.
The National Institute of Standards and Technology plans to develop platform options for secure health information exchange, especially among smaller providers. But how soon will the platforms be available?
In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
The long overdue final HIPAA omnibus rule has been released. The package includes extensive modifications to the HIPAA privacy, security and enforcement rules as well as an updated version of the HIPAA breach notification rule.
Two new insider fraud cases showcase the challenges organizations face to detect and prevent crimes by trusted employees. "You need IT controls, but you need more than IT," says researcher Randy Trzeciak.
Commenters reacting to proposed HHS requirements for Stage 3 of the HITECH Act electronic health record incentive program raise a wide range of privacy and security concerns. Find out what the AMA and others had to say.
Smart phones that give many IT security managers headaches in developing security policies are being used in increasing numbers to help safeguard systems and applications, thanks to more muscular biometric features, says Steve Vinsik of Unisys.