Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
The FDA has warned Abbott that it must submit a plan within 15 days to address previously identified cybersecurity vulnerabilities and other potential safety issues in certain cardiac devices of St. Jude Medical, which Abbott Labs acquired in January.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
What should healthcare entities and business associates expect when faced with a data breach investigation or compliance audit by federal regulators? Attorney Marti Arvin discusses the do's and don'ts.
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
NIST's proposed update to its cybersecurity framework needs to better address specific concerns of the healthcare sector, say some industry groups commenting on the recently released draft. So, what are they asking NIST to do?
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
A Colorado-based community healthcare center is the latest entity to learn an expensive lesson from federal regulators about the importance of conducting a timely and comprehensive risk assessment.
An increase in unemployment isn't always a bad sign. It could reflect that more people are entering the workforce and looking for work, but have yet to land jobs. Could that be happening with IT security practitioners?
The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
Over the past year, fines levied by various regulatory agencies against breached entities have helped to shape and clarify what cybersecurity attorney Joseph Burton calls the cybersecurity standard of care - a standard for reasonable security that courts will turn to when determining liability and fault in the wake of...
Many media outlets have suggested that the recent arrest of a Russian computer programmer ties to the 2016 U.S. presidential election meddling blamed on Russia. But the only source for this supposed connection traces to a Russian propaganda arm that's been blamed for participating in said meddling.
Healthcare industry organizations are again asking Congress to ease a ban that prohibits the Department of Health and Human Services from funding unique patient identifiers, saying that a failure to act will be detrimental to the success of healthcare information exchange.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
Now that President Donald Trump has signed legislation to eliminate the Federal Communications Commission's oversight of the way internet service providers sell their customers' information, could other jurisdictions - such as states - step in?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.