Understanding threats and identifying modern attacks in their early stages is key to preventing subsequent compromises, and proactively sharing information among organizations is an increasingly effective way to identify them.
The United Kingdom and the United States are both cracking down on healthcare organizations that have experienced information breaches. But they're taking very different approaches. Which approach will prove most effective?
The benefits from employing social media as a way to connect with stakeholders outweigh the risks, says David Bradford, the editor of a new survey of risk managers. Still, he says, the risks must be adequately addressed.
"We find it hard to believe that there are any reasons or basis to oppose this legislation," presidential counterterrorism adviser John Brennan says of the Cybersecurity Act of 2012. "I'm just very puzzled as to why individuals would oppose this."
Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
While the overall numbers seem relatively small when the entire universe of cyber incidents is considered, they suggest the IT systems that control the critical infrastructure America's economy and society rely on to function are increasingly at risk.
HIPAA compliance audits will continue next year after the results of this year's pilot program are analyzed, a federal official confirms. And the protocol for the audits could be refined based on the pilot.