Getting critical infrastructure operators involved is the biggest challenge the federal government faces in creating a cybersecurity framework, says NIST's Adam Sedgewick, who leads efforts to create the framework ordered by President Obama.
To prepare for HIPAA compliance audits once they resume, healthcare organizations need to conduct a thorough risk assessment, says Verne Rinker of the HHS Office for Civil Rights.
Aimed to be voluntarily adopted by the nation's critical infrastructure operators, the cybersecurity framework will revolve around a core structure that includes five major cybersecurity functions: Know, Prevent, Detect, Respond and Recover.
Significant security flaws involving access, configuration-management and continuous-monitoring controls have been identified in a new Inspector General audit of Veterans Affairs' IT systems.
A side benefit of consolidating the military's 15,000 networks is the need for fewer systems administrators. Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, says that should help diminish the insider threat.
Here are some questions we'd like to ask the former systems administrator at the National Security Agency to learn more about the motivation behind his leak of the U.S. government's top-secret information collection programs.
The federal government has identified dozens of cases of alleged falsification of reports submitted by investigators - federal employees and contractors - examining individuals being considered for security clearances.
President Obama wants Americans to trust his administration on the way it collects data from Internet and telephone communications in the search for terrorists. Does the president deserve that trust?
The United States and Russia are creating a new working group to assess emerging online threats. The group, announced by the White House, will begin work within the next month.
Despite the new instructions on breach notification in the HIPAA Omnibus Rule, there's still plenty of uncertainty about what constitutes a "compromise" of data that triggers notification, says privacy attorney Adam Greene.
Advanced threats and mobile security were the buzzwords of the Gartner Security & Risk Management Summit. What new insights did thought-leaders share, and how can they reshape our security posture?
National Security Agency Director Keith Alexander declined to say that the agency would stop using contractors in top secret IT positions to prevent a leak such as the one that exposed NSA programs to collect metadata on American citizens.
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Regulations initially cause organizations to spend more funds on data breaches, but eventually those rules could save enterprises money, the Ponemon Institute's Larry Ponemon says in analyzing his latest study on breach costs.
Intermountain Healthcare stepped up its risk assessment efforts to better identify security issues and help ensure it can pass a federal HIPAA audit. Plus, it's developing security best practices to share with others.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.