The breach at Target stores that may have affected as many as 40 million credit and debit card account holders is a watershed moment that could greatly raise awareness of cybersecurity risks, says privacy attorney David Navetta.
HealthcareInfoSecurity has extended the deadline for participation in its annual survey to examine the priorities and challenges of healthcare info security leaders. Preliminary results reveal some pain-points.
President Obama faces a dilemma in deciding whether to prohibit the National Security Agency from tinkering with encryption as one way to collect intelligence data from adversaries who threaten to harm America.
A preliminary version of the cybersecurity framework takes a too-broad approach to privacy, says security and privacy attorney Harriet Pearson. And that could result in fewer organizations adopting the voluntary security guidelines.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
The Centers for Medicare and Medicaid Services is creating a new position of chief risk officer in a multi-faceted effort to analyze and address problems with the troubled HealthCare.gov rollout. What are the security implications?
The HHS Office for Civil Rights, which enforces HIPAA, has some compliance issues of its own to address, according to a new inspector general report. But OCR officials say they've been addressing those matters.
Many healthcare providers and their business associates have a long way to go with their HIPAA compliance efforts. But two new resources from federal regulators could help pave the way to better security.