Under assault by advanced threats, organizations must change their approach, says Damballa's Stephen Newman. Detection is out; response is in. How do organizations deal with 'a constant state of infection?'
Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
The U.S. federal government's top telecommunications regulator is proposing a "new regulatory paradigm" by calling on communications providers to step up and assume new responsibilities to manage cyber-risks.
A George Mason University researcher says NIST's cybersecurity framework is likely to cause more problems than it solves. Instead, he encourages critical infrastructure operators to adopt dynamic cybersecurity provisions.
Making senior management aware of the risks involved in failing to invest in security technology is essential to getting buy-in, says Phil Curran, CISO at Cooper University Health Care.
Effective risk management requires involvement of an organization's top leader; the resignation of Eric Shinseki as secretary of Veterans Affairs means that the VA likely will continue to struggle to comply with federal requirements for IT security.
The Government Accountability Office has confirmed it will conduct "complete and continuous end-to-end testing" of the security of the Obamacare HealthCare.gov website and systems.
Early testimony in the FTC's administrative trial involving its security complaint against LabMD provides a glimpse into some issues that regulators consider when reviewing data security practices.
In the struggle to comply with changing regulatory requirements amidst an evolving technological environment, addressing information security can be overwhelming for many healthcare providers. An expert offers tips for sustainable risk management.
What does "IT security as a business enabler" mean? For a definition, Gartner's Paul Proctor looks to the way IT managers at a European car maker translate security problems into a language a CEO can understand.
A group of noted cryptographers, academics and business leaders will provide an independent assessment of the way the National Institute of Standards and Technology develops cryptographic standards and guidelines.
As federal regulators weigh changes in the requirements for the HITECH Act electronic health record financial incentive program, it's essential that they adequately address privacy and security issues.
The National Institute of Standards and Technology is developing new cybersecurity standards based on the same principles engineers use to build bridges and jetliners.
Many health data breaches still go undetected and unreported, says security expert Kate Borten, who analyzes findings from the recent 2014 Healthcare Information Security Today survey.
There's a ton of event content to choose from at Infosecurity Europe 2014, which runs from April 29 through May 1, and here are some of the sessions that caught one editor's eye.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
