Smartphones are ubiquitous in organizations today. But how secure are these devices -- and what are the security and liability vulnerabilities associated with their use?
A roundup of this week's top news: Hackers target RSA's SecurID products. Also, Japan's nuclear crisis: What do you need to know? Plus: New Health Net breach may be biggest ever.
It's serious news that RSA's SecurID solution has been the target of an advanced persistent threat. But "It's not a game-changer," says Stephen Northcutt, CEO of SANS Institute. "Anybody who says it is [a game-changer] is an alarmist."
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
A second California state agency has launched an investigation into insurer Health Net's recent information breach incident that may have affected 1.9 million individuals nationwide.
"Almost everyone has a firewall and is using it; it's just not necessarily a relevant defense against the way people are actually being attacked," says Josh Corman, research director of enterprise security at security consultancy The 451 Group.
The bill, sponsored by House Cybersecurity Caucus Co-Chair James Langevin, would create a White House office of cyberspace and replace paper-based FISMA compliance with automated, continuous monitoring of IT systems.
Topics to be addressed at the NIST cloud computing forum include the cloud's trustworthiness and standards. Google Chief Internet Evangelist Vint Cerf and NIST Director Patrick Gallagher also will speak.
Doug Fridsma, M.D., Ph.D., of the HHS Office of the National Coordinator for Health IT, compares and contrasts the security approaches of two federal health information exchange projects.
"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
The HHS Office for Civil Rights is seeking a 13.5 percent increase in its budget for fiscal 2012 to fund initiatives primarily designed to enforce HIPAA and HITECH Act provisions for privacy and security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
