"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
The HHS Office for Civil Rights is seeking a 13.5 percent increase in its budget for fiscal 2012 to fund initiatives primarily designed to enforce HIPAA and HITECH Act provisions for privacy and security.
Institutions can learn a great deal from Japan's disaster planning and response. But security expert Mark Lobel of PricewaterhouseCoopers says this growing crisis also teaches us: "Even the best laid plans only go so far."
To ramp up efforts to detect Medicaid fraud, the Department of Health and Human Services is proposing a rule that would enable states to use federal matching funds to support Medicaid claims data mining.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
The Internet is inherently insecure, and the only way to ensure today's evolving information systems is to build them upon three pillars of trust. This is the premise of Mike Ozburn, Principal at Booz Allen Hamilton, which has just authored a new white paper about these pillars.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.
Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal regulators, offers insights on how the team's recommendations might be implemented and what topics it will tackle next.
The Defense Department hopes to prevent future WikiLeaks-style breaches by employing public key infrastructure-based controlled access cards, but that solution won't be fully in place until mid-2013, DoD CIO Teresa Takai says.
In today's world, where certain data must be let in so governments and businesses can realize their missions, firewalls must be able to see the content flowing through networks, NIST Computer Scientists Tim Grance and Murugiah Souppaya say.