UAB Health System in Birmingham, Ala., is tackling a long list of information security projects, including updating intrusion detection and prevention systems.
In an interview, Terrell Herzig, HIPAA security officer, outlines priority projects, including:
Expanding the use of encryption;
C. Warren Axelrod is a veteran banking/security executive and thought-leader, and in an exclusive interview at the RSA Conference 2010 he discusses top security trends and threats, including:
Axelrod is currently executive advisor for the Financial...
What are the key banking/security topics on the minds of leaders of the nation's largest banks?
At the RSA Conference 2010, Paul Smocer of BITS and the Financial Services Roundtable discusses:
The Roundtable's information security priorities;
How regulatory reform may impact security organizations;
Hospitals preparing for a potential government audit of their HIPAA security rule compliance should "build a continual state of readiness," says David Wiseman, information security manager at Saint Luke's Health System, Kansas City, Mo.
To be fully prepared, Wiseman says hospitals should:
Conduct a HIPAA...
Sitting in an all-day security workshop at the HIMSS Conference in Atlanta Feb. 28 provided me with a good education about what's on the minds of security leaders. For example, one member of the audience said it was a "huge challenge" to ensure that when an employee is fired, their password is promptly deactivated so...
Application security is rapidly becoming the next hot focus area for information security professionals.
Momentum began to build in 2008, when Information Security Media Group's (ISMG) Application Security Survey showed that 90% of respondents saw application security as somewhat or a significant part of their...
Increasingly, digital forensics is an important element of an information security program for organizations of all types and sizes.
But where can security leaders find qualified forensics professionals? How can these professionals obtain the skills and expertise they need to be successful?
Rob Lee of Mandiant...
Choosing the right form of encryption is essential when attempting to comply with the HITECH Act, says consultant Rebecca Herold.
In an interview, Herold:
Stresses that healthcare organizations can gain an exemption from the HITECH requirement to report data breaches only if they use specific NIST-approved...
"Systems compromised by this botnet provide the attackers not only user credentials and confidential information, but remote access inside the compromised networks," says Amit Yoran, CEO of NetWitness, which revealed the Kneber attacks.
Alex Cox, Research Consultant and Principal Analyst, NetWitness
Alex Cox, a research consultant and principal analyst at the IT security firm NetWitness, discovered last month the Kneber botnet, a variant of the ZueS Trojan that he says has infested 75,000 systems in 2,500 corporate and governmental organizations...