When it comes to the impending Sept. 23 HIPAA Omnibus enforcement deadline, many smaller organizations are making serious progress - or seriously procrastinating, says compliance expert Margie Satinsky.
The panel would review the latest intelligence and communications technologies to determine the risk of unauthorized disclosure to national security and foreign policy, as well as assess the need to maintain the public trust.
The Obama administration is floating the idea that critical infrastructure owners would more likely adopt voluntary security best practices if the government engages the insurance industry to help develop its cybersecurity framework.
Federal advisers want to stress the value of risk assessments even more strongly in Stage 3 of the HITECH Act electronic health record incentive program. Meanwhile, regulators are studying how to address health information exchange security issues.
The apparatchiks at the Kremlin think they're clever sorts with plans to replace computers with typewriters to prevent the American e-spies at the National Security Agency from hacking into Russian intelligence systems.
Getting critical infrastructure operators involved is the biggest challenge the federal government faces in creating a cybersecurity framework, says NIST's Adam Sedgewick, who leads efforts to create the framework ordered by President Obama.
Aimed to be voluntarily adopted by the nation's critical infrastructure operators, the cybersecurity framework will revolve around a core structure that includes five major cybersecurity functions: Know, Prevent, Detect, Respond and Recover.
A side benefit of consolidating the military's 15,000 networks is the need for fewer systems administrators. Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, says that should help diminish the insider threat.