As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.
Making broader use of encryption is an important breach prevention strategy. But what's the best way to set encryption priorities? CISO Eric Cowperthwaite explains how a risk assessment plays a vital role.
In a question and answer session, an FDA official confirms the agency is evaluating how it reviews medical device vulnerabilities and discusses ways that healthcare organizations, vendors and consumers can address security threats.
How can smaller healthcare organizations determine whether a vendor is a business associate or subcontractor directly liable for compliance under the new HIPAA Omnibus Rule? Regulatory expert Marjorie Satinsky explains.
An organization's security is only as strong as that of its partners, says Mandiant Director Charles Carmakal, who offers insight on common attack trends emerging from recent data breach investigations.