Security leaders have a firm grasp on their technology controls and processes as they continue into 2013. It's addressing the vulnerabilities in people that remains the outstanding challenge of the year.
National Institute of Standards and Technology's Jeremy Grant says the government will fund pilot projects to accelerate progress toward the creation of improved, interoperable systems for secure, privacy-enhancing trusted online credentials.
The new measure would require banks, healthcare providers, social media companies, search engines and other e-commerce entities operating in Europe - even those based elsewhere - to report breaches to national authorities.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
Several consumer advocates say they're pleased that the HIPAA Omnibus Rule strengthens patient privacy protections and helps ensure patients can obtain their records. Learn about what they like - and dislike - in the rule.
The departments of Veterans Affairs and Defense are dropping plans to build an integrated electronic health record system from scratch. Find out why the new approach focuses on interoperability and secure data exchange.
A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
In the aftermath of a data breach last year that affected 780,000 individuals, Utah legislators are considering a bill that would mandate state agencies identify and implement best practices for protecting data.
Although suggestions in a new Federal Trade Commission staff report do not have the force of law, they do provide guidance on how the agency could enforce American federal laws and regulations to protect the privacy of users of smart phones and tablets.
Some organizations concerned about the security flaws of third-party applications are building in-house app stores to service mobile device users. Read how the VA and Sanofi US have tackled the challenge.
Privacy and security leaders, including John Houston at University of Pittsburgh Medical Center, are evaluating the changes needed to comply with the HIPAA omnibus final rule. Find out what's on their to-do lists.