Boards of directors continue to overlook IT risk management, security and privacy as a top agenda item, says Jody Westby of Carnegie Melon CyLab. Where are the organizational gaps that need to be filled?
As more consumers take advantage of mobile devices for telemedicine, they need to be educated on steps to take to help ensure that their medical information remains secure, says telehealth expert Chuck Parker.
After a breach, some organizations meet the minimum requirements for notification and then hope for the best. The Utah Department of Health is taking a very different approach that's worthy of imitation.
Intuit and GE veteran Steve Bennett, chairman of the IT security software provider, replaces Enrique Salem, the longtime Symantec executive who had served as the company chief executive officer since April 2009.
Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
The Privacy and Security Tiger Team is hammering out recommendations for how best to authenticate the identities of physicians and other individuals who electronically exchange health information. Find out what's under consideration.
Today's malware threats are designed to quietly and slowly spread to other hosts, gathering information over extended periods of time that leads to exfiltration of sensitive data and creates havoc. Here's what NIST says organizations should do.
President Obama endorses the Cybersecurity Act of 2012 despite the removal of provisions from an earlier version of the bill that would have given the federal government authority to regulate the mostly privately owned critical national IT infrastructure.