"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
A second California state agency has launched an investigation into insurer Health Net's recent information breach incident that may have affected 1.9 million individuals nationwide.
"Almost everyone has a firewall and is using it; it's just not necessarily a relevant defense against the way people are actually being attacked," says Josh Corman, research director of enterprise security at security consultancy The 451 Group.
The bill, sponsored by House Cybersecurity Caucus Co-Chair James Langevin, would create a White House office of cyberspace and replace paper-based FISMA compliance with automated, continuous monitoring of IT systems.
"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
The HHS Office for Civil Rights is seeking a 13.5 percent increase in its budget for fiscal 2012 to fund initiatives primarily designed to enforce HIPAA and HITECH Act provisions for privacy and security.
Adequate funding for privacy and security measures is essential to the success of sharing electronic health records to improve the quality of care, says William Braithwaite, M.D., Ph.D.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
Susan McAndrew of the HHS Office for Civil Rights discusses recent high-profile HIPAA cases, upcoming state attorneys general training and the pending HIPAA audit program.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.