"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
Bad news: A developer has released the source code for Mirai malware, which is designed to automatically find and hack internet of things devices, turning them into DDoS cannons. The malware has been tied to recent record-smashing DDoS attacks.
Don't leap to conclusions on the basis of a new report that suggests Yahoo is preparing to warn the world that it was hacked and lost hundreds of millions of users' account credentials. Someone may simply have harvested passwords reused on other sites.
B. Vindell Washington, M.D., the new head of the Office of the National Coordinator for Health IT, pledges that the agency's top priority of advancing standards-based interoperable, secure health data exchange will continue under his leadership. But what will happen once a new president is elected?
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
The U.S. Office of Personnel Management - besmirched by a 2015 breach that exposed the personal information of 21.5 million individuals - turns to the military for its new chief information officer. He's DoD Principal Deputy CIO David DeVries.
The next president of the United States should establish a cabinet position focused on cybersecurity, and Congress should create a more focused approach to funding and authorizing IT security initiatives, says Larry Clinton, who heads the Internet Security Alliance.
Delta is warning that a power failure lead to system outages, resulting in numerous flight cancellations or delays. As more airline-related processes get computerized, experts are asking why the airline's systems aren't more resilient.
In the largest HIPAA settlement to date, federal regulators have smacked Chicago-based Advocate Health Care with a $5.5 million fine in the wake of an investigation into three 2013 breaches. The settlement is HHS's tenth HIPAA enforcement action this year.
Imagine the security implications of a world in which millions of people have a physical impairment that leaves them internet-connected. Say hello to the promise - and peril - of internet-connected hearing aids, says Global Cyber Alliance's Phil Reitinger.