A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
With the Senate Intelligence Committee overwhelmingly approving the Cybersecurity Information Security Management Act, common wisdom dictates the bill will head directly to the Senate floor. Not so fast.
A call center worker at the Connecticut health insurance exchange loses a backpack containing notepads containing sensitive consumer information. Investigators want to know why the paper-based information left the building.
After receiving much criticism over the privacy and security provisions for HealthCare.gov, it's good to see HHS taking action to help ensure that "navigators" who assist consumers with getting insurance coverage adequately protect patient privacy.
CIO John Halamka, M.D., a well-known blogger, says information security accounts for about half of his work at Beth Israel Deaconess Medical Center. He explains why that's the case and discusses a variety of projects, including a test of Google Glass.
As federal regulators weigh changes in the requirements for the HITECH Act electronic health record financial incentive program, it's essential that they adequately address privacy and security issues.
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
With a need for more than 4,000 new specialists over the next two years, the U.S. Cyber Command will look within the military for help, providing training to enlistees to re-invent themselves as cyber pros, Defense Secretary Chuck Hagel says.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.