Addressing cyber-attacks is not just a technology issue. It requires a holistic view from the entire organization, says ISACA's Jeff Spivey, who emphasizes the need for a framework approach to security.
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.
After a federal court dismissed a class action lawsuit filed against Adventist Health System in the aftermath of a breach affecting 763,000 patients, another lawsuit was immediately filed in a state court. Find out the details.
Our analysis of U.S. government labor statistics shows a sizable increase in the IT security workforce. But the way the occupation is defined may have as much to do with the increase as the number of jobs themselves.
A unit of the U.S. Commerce Department overreacted to perceived malware infections and unnecessarily spent more than half of its IT budget to mitigate the situation, according to an inspector general audit.
Getting critical infrastructure operators involved is the biggest challenge the federal government faces in creating a cybersecurity framework, says NIST's Adam Sedgewick, who leads efforts to create the framework ordered by President Obama.
A new report shows that large data breaches in all sectors last year in California mirror a problem that keeps happening at lots of healthcare entities across the country. Find out what that problem is.