The NSA, in a highly classified program code-named Bullrun, used supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine encryption, according to a news report.
Lee Kim, the new director of privacy and security at HIMSS, says keeping track of where sensitive data is located, detecting breaches and dealing with insider threats are among the most critical issues.
In his four years as a top DHS cybersecurity policymaker, Bruce McConnell learned that to build trust with the public, the federal government must be more transparent in the way it approaches security and privacy.
In this week's breach roundup, read about the latest incidents, including the FTC filing a complaint against a medical testing laboratory and an update on a Department of Energy breach.
As a result of a recent Supreme Court case, it's doubtful that HIPAA compliance could be directly enforced by U.S. regulators for offshore business associates, says attorney Stephen Wu.
Children who get treated at new mobile telemedicine clinics will benefit from electronic health records and secure data exchange, just like patients treated in other settings, says Jeb Weisman, CIO of the Children's Health Fund.
As healthcare organizations ramp up HIPAA compliance efforts, they should make far greater use of guidance from the National Institute of Standards and Technology, says security consultant Mac McMillan.
Iris scanning is becoming old hat for authenticating individuals entering secured facilities or crossing international borders, but it remains several years away for use in providing access to IT systems.
With lawmakers heading back to Washington, the Senate likely will take a piecemeal approach to cybersecurity legislation, says Jacob Olcott, the former counsel to a committee whose leaders introduced a draft bill.
Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of Fidelis. He offers tips for harnessing the right skills and technology.
If your organization's leadership has been lukewarm to funding information security efforts, it's time to turn up the heat before you end up in hot water with federal regulators enforcing the HIPAA Omnibus Rule.
It's time to start thinking about the next wave of DDoS attacks, says Neustar's Rodney Joffe. And it's time for other critical infrastructure industries - not just banks - to assess their risks.
In late July, Izz ad-Din al-Qassam Cyber Fighters announced the launch of Phase 4 of distributed-denial-of-service attacks...
Operators of media sites should consider adoption of the cybersecurity framework in the aftermath of the recent domain name systems attacks aimed at The New York Times and Twitter.
NIST has issued a discussion draft on the cybersecurity framework ordered by President Obama. The voluntary framework is designed to help reduce risks to the nation's critical infrastructure.
In the wake of domain name systems attacks aimed at The New York Times, Twitter and other media sites, experts say security professionals in all fields should take specific mitigation steps.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.