Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.
A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day the company determined its computers were not breached.
Federal authorities have dropped plans to draft regulations setting voluntary "rules of the road," including privacy and security guidelines, for health information exchanges to help pave the way for the national exchange of information.
An individual claiming to be part of Anonymous, the hacktivist group that has targeted big business and government, seems to have taken aim at small businesses by claiming to have disrupted website host GoDaddy.com.
Sen. Susan Collins, who, like President Obama, backs the Cybersecurity Act, cautions the president against issuing an executive order to protect the nation's critical IT, saying it would send an signal that congressional action isn't urgently needed.
Mike Mitchell, who serves as chairman of the PCI Security Standards Council, says mobile is a focus for leaders in the payment security space. So does the PCI Council expect emerging tech to influence the PCI-DSS?
An advisory panel wants a multi-factor authentication requirement included in Stage 3 of the HITECH Act electronic health record program. Find out under what circumstances that requirement would apply.
Organizations must carefully consider patch management in the context of overall IT security because it's so important to achieving sound security. Read about NIST's recommendations on how best to implement patch management.