Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
The Office of the National Coordinator for Health IT has issued new guidance to health information exchanges and others for how to implement Direct Project secure messaging in a standard way.
ISACA just issued COBIT 5 for Information Security, a business-centric approach to governance and IT management. ISACA's Robert Stroud explains what COBIT 5 means to your organization.
The New England Healthcare Exchange Network, one of the nation's oldest health information exchanges, is continuing to use a federated data architecture model to help protect patient data as it broadens the transactions it accommodates, says Sira Cormier, program director.
The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.
The number of phishing sites is at an all-time high. And so are the targeted brands. The message, says Peter Cassidy of the Anti-Phishing Working Group: "No brand is safe."
Programs from Carnegie Mellon and the University of Maryland come at a time when organizations not only can't find enough IT security professionals to hire to meet their needs, but often lack the leadership to oversee IT security initiatives.
When it comes to breach planning and response, well-intentioned organizations often go wrong. Experian Data Breach Resolution VP Michael Bruemmer tells where they fail and offers advice on how to do these important jobs right.
A new application for Apple mobile devices is designed to help healthcare organizations assess whether an incident is a breach that must be reported to federal authorities. Find out how it works.
Falsified credentials are a growing concern for organizations, as job applicants fill their resumes with bogus academic degrees and job titles. Attorney Les Rosen offers tips for better screening.
The Food and Drug Administration needs to do a better job of collecting information on privacy and security issues related to medical devices to catch problems before they rapidly spread, a new report concludes.
Removing provisions from the original bill to grant the federal government authority to impose standards on the mostly privately-owned critical IT infrastructure is a concession to win votes from Republicans, who oppose regulation.
RSA CISO Eddie Schwartz says he spends more time talking to other chief information security officers and IT security practitioners today than he did a decade ago, when he held the same job at Nationwide Insurance Co.
Medical identification theft is on the rise. Will healthcare reform, as recently affirmed by the Supreme Court, help reverse that trend? Here's why it's difficult to predict the impact of reform.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.