Employees are the first line of defense for any organization, and Paul Bowen of Arbor Networks believes we don't do nearly enough to deputize them to support our security efforts. He offers tips for using technology to train end users.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
HHS continues to improve its information security program, but it needs to take steps to address a number of ongoing weaknesses, according to a new watchdog agency report. What are those glaring weaknesses, which are also, unfortunately, common at many healthcare organizations?
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
A look at some of the United Kingdom's recent health data breach statistics shows some interesting similarities to the U.S., despite differences in the two countries' health systems and breach reporting practices.
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
Ira "Gus" Hunt, a security expert who was formerly CTO at the CIA, analyzes why many large healthcare provider organizations plan to boost cybersecurity spending in 2018 and discusses the role of emerging technologies.
Fraudsters recently ordered a total of nine iPhones and Samsung S8s from Sprint and Verizon with my personal details. With the internet awash in stolen personally identifiable information, are mobile operators doing enough to prevent fraudulent orders?
In an information technology environment where personnel are taking on increasingly complex responsibilities, the key to ensuring security is still awareness training, says former U.S. CISO Gregory Touhill, who says he'd put his last dollar on it.
The Department of Health and Human Services has taken important steps to fight Medicare and Medicaid fraud, but can further strengthen its efforts in several ways, according to a new GAO report. GAO estimates that in fiscal 2016, improper Medicare and Medicaid payments totaled about $95 billion.
If you want to anticipate a prospective hacker's moves, then you'd better be able to think like one. That's the position of Terry Cutler, an ethical hacker who dedicates his time to testing organization's cybersecurity defenses - and their people.
As data protection breaches have become daily headline news and everyone becomes increasingly sensitive about privacy, the regulatory regime is getting tougher. Data protection laws in Europe are more important than ever before - especially as the enforcement deadline of the EU GDPR looms.
The success of any security initiative comes down to one crucial element: an educated, engaged workforce. And that requires an effective security awareness program, says Mark Eggleston, chief information security and privacy officer at Health Partners Plans. But how can you tell if your program is working?