The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released.
The EU's General Data Protection Regulation rewrote the rules of the data privacy and breach notification game when it went into full effect last year. Now, however, numerous organizations are revisiting and refining their GDPR compliance efforts around preparation and remediation, says PwC's Polly Ralph.
Bala Kumar of iovation, a TransUnion company, sees a marked spike in identity fraud in general, and at account origination in particular. How does this increase manifest across industry sectors, and how should organizations re-think their defenses?
In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough.
Hacker attacks, IT mishaps and vendor errors are among the top causes of the largest health data breaches added to the official federal tally so far this year. Here's an update.
Nearly four months after Capital One revealed a massive data breach, Michael Johnson, the bank's CISO, is being moved into an outside advisory role, and the company is scouting for a new security leader, according to the Wall Street Journal.
Federal prosecutors have charged a Long Island company, along with seven of its employees, with selling vulnerability-laden Chinese technology to the U.S. military and other agencies for a decade and passing the gear off as American made.
U.S. Senator Ron Wyden is pushing the Federal Communications Commission to ensure that wireless carriers build new security measures, such as encryption and authentication, into 5G networks as they're rolled out over the next several years.
Having a detailed data breach response plan that's regularly tested by all players and continually refined is essential, says PwC's James Lloyd, who offers strategic insights.
Employees view the ability to bring their own devices into their workplace life as a prerequisite for any job, which complicates organizations' identity management and cybersecurity efforts, says Barry McMahon of LastPass.
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.
The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.
A misconfigured billing system that caused a mailing mishap affecting nearly 83,000 individuals has prompted Texas Health Resources to file 15 breach reports to federal regulators - one for each hospital involved.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.