Two hefty fines issued as part of recent HIPAA settlements reveal that the Office for Civil Rights is getting tougher on enforcing compliance - especially when it comes to risk assessments.
The continuing loss of data to China suggests that the federal government should carefully assess the cybersecurity implications associated with the expansion of Chinese cloud and mobile providers in the U.S.
Sen. Susan Collins, who, like President Obama, backs the Cybersecurity Act, cautions the president against issuing an executive order to protect the nation's critical IT, saying it would send an signal that congressional action isn't urgently needed.
"To say I'm disappointed is a tremendous understatement," says Senate Majority Leader Harry Reid. "I thought we'd all put national security above partisan politics."
In the latest update, much was left unsaid about the Global Payments data breach. And if I were a Global customer or card-issuing entity, I'd have some serious follow-up questions.
Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them.
"The reality is that, if you look across IT, IT people are very good at so many things; they're much better at it in a lot of cases than security people are," RSA CISO Eddie Schwartz says.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
A new report from two consumer advocacy groups identifies seven gaps in privacy protections that policymakers need to address to help support electronic health information exchange.
Israel is being blamed - or, perhaps, taking credit - for the creation of Flame, the sophisticated cyberspyware that has targeted organizations in the Middle East, especially its mortal enemy, the government of Iran.
It's been six years since the Department of Veterans Affairs experienced a huge breach. What breach-prevention steps has the VA taken since then, and what's left to be done?
From mobile and the cloud to DDoS attacks and risks surrounding big data, what should banks and credit unions do now to mitigate exposure? Gartner's Anton Chuvakin offers his top recommendations.
Supply chain risks can occur when organizations purchase and implement information and communications technology products and services. See 10 ways to diminish these risks.
Partisan bickering surrounding a bill aimed at protecting the nation's critical IT infrastructure is the likely reason the measure will not come up for a vote in the lower chamber this week, as representatives debate four other cybersecurity bills.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.