If your organization's leadership has been lukewarm to funding information security efforts, it's time to turn up the heat before you end up in hot water with federal regulators enforcing the HIPAA Omnibus Rule.
It's time to start thinking about the next wave of DDoS attacks, says Neustar's Rodney Joffe. And it's time for other critical infrastructure industries - not just banks - to assess their risks.
In late July, Izz ad-Din al-Qassam Cyber Fighters announced the launch of Phase 4 of distributed-denial-of-service attacks...
A final rule spelling out requirements for state health insurance exchanges drops a proposed requirement that breaches must be reported within an hour of discovery, relying on language in contracts instead.
Until the interoperability of EHRs can be achieved, the Direct Project can help ensure the secure transfer of patient information during a disaster, says Tia Tinney, who's heading a collaborative effort.
Organizations incorporating social media into their daily operations tend to have gaps in policies, and key aspects are often an afterthought, says attorney David Adler, who pinpoints areas to address.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.
When participating in a health information exchange, providers need to take several HIPAA Omnibus Rule compliance steps, including spelling out responsibilities in the event of an HIE breach, says attorney Helen Oscislawski.
The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.