No two fraud incidents may be exactly alike, but a fraud investigator's approach can still be very consistent and precise, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Federal authorities have received more than 400 comments on a proposed Accounting of Disclosures Rule, including many complaints that its patient record access report provision is impractical.
Before entering a contract with a cloud computing company, organizations should consider three critical issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
Extensive news coverage about the attacks against RSA and others have made customers jittery. "The publicity resulted in many customers' risk tolerance going down whilst their level of awareness and concern went up," says RSA CFO David Goulden.
"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
Scott Laliberte, managing director of Protiviti, wrote the book on penetration testing, and he has strong feelings about what organizations are doing right and wrong when assessing their information security risks today.
About a dozen privacy controls are expected to be added to the next revision of NIST's security controls' guidance, SP 800-53, says NIST Senior Computer Scientist Ron Ross says.
Dan Rode of the American Health Information Management Association describes why the group wants to see major revisions in a proposed federal rule requiring hospitals, clinics and others to give patients access reports listing everyone who's viewed their records.
BlueCross BlueShield of Tennessee, which experienced a health information breach affecting nearly 1 million individuals in 2009, has completed the encryption of all its stored data.
Two electronic health records pioneers that already have earned federal EHR incentive payments stress that a robust risk management program should be an essential component of any movement from paper to electronic records.
The arrest is part of a continuing investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
