Conventional wisdom suggests China isn't interested in disabling industrial control systems in the U.S. After all, such an act would be against its own economic interest. But is that type of thinking right?
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
The Cleveland Clinic is in continuous risk assessment mode, always on the lookout for emerging threats and vulnerabilities, says Mark Dill, director of information security. Learn about his top priorities.
Highly publicized breaches at Facebook, Twitter, the New York Times and other organizations in recent weeks suggest there's a new normal in the cyberthreat arena. But the onetime head of U.S. CERT, Mischel Kwon, doesn't think so.