When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
The American Health Information Management Association plans to work with various states next year to move toward more uniform privacy and security requirements that are in synch with federal requirements, says Lynne Thomas Gordon, AHIMA's new CEO.
Breaches have an adverse impact on the fundamental operations of a business or government and without fully understanding that, executives and managers cannot smartly run their operations successfully.
"Satisfying a court order is heavy lifting," says Greg Thompson of Scotia Bank. "The cost and risks of outsourcing this service with regards to the number of litigations we are dealing with has skyrocketed."
Veterans Affairs may have been biased when it awarded last year a high-bid, $133 million IT security services contract to the incumbent provider, the consultancy Booz Allen Hamilton, a VA inspector general audit contends.
The federal "wall of shame" tally of major healthcare information breaches now lists 380 incidents affecting more than 18 million individuals. Meanwhile, yet another class action lawsuit has been filed in the wake of a breach.
The information security job market is evolving into highly specialized areas, says Eugene Spafford, noted professor at Purdue University. So, how must students now prepare themselves for these new career paths?
A key component of any breach response preparation effort is to make certain that all staff members are trained in who to contact within the organization about a security incident "even if they are not sure whether it's a breach," says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.