Highly publicized breaches at Facebook, Twitter, the New York Times and other organizations in recent weeks suggest there's a new normal in the cyberthreat arena. But the onetime head of U.S. CERT, Mischel Kwon, doesn't think so.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
In the aftermath of a data breach last year that affected 780,000 individuals, Utah legislators are considering a bill that would mandate state agencies identify and implement best practices for protecting data.
Privacy and security leaders, including John Houston at University of Pittsburgh Medical Center, are evaluating the changes needed to comply with the HIPAA omnibus final rule. Find out what's on their to-do lists.
The new omnibus rule makes it clear that business associates must comply with HIPAA. And the latest additions to the federal health data breach tally put a spotlight on why some BAs need to improve patient data protection.
With Congress facing $1.2 trillion in budget cuts, Federal Chief Information Officer Steven VanRoekel says funding for cybersecurity initiatives will likely be affected. But with smart planning, government information technology should not be placed at risk.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
With HIPAA compliance audits slated to resume within about a year, what steps can healthcare organizations take to begin to prepare? OCR's Leon Rodriguez offers strategies based on initial audit findings and breach investigations.