"While securing energy, financial, health and other resources remain vital, the future of the innovation and the economy will depend on the success of Internet companies and ensuring that these companies are trusted and secure is essential," Commerce Secretary Gary Locke says.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
Organizations need to constantly conduct risk assessments in order to improve the storage and protection of critical data, says David Finn, Health Information Technology Officer at Symantec.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
Quantifying the safety or danger of cyberspace is tough. But a highly respected IT security practitioner and an experienced risk management consultant have teamed to develop an index they contend reflects the relative security of cyberspace by aggregating the views of information security industry professionals.
Lockheed Martin, the country's largest military contractor, is investigating the root of a "significant and tenacious" attack against its information network. Could this attack be linked to the RSA SecurID hack earlier this year?
Ian Glover, president of the UK's Council of Registered Ethical Security Testers, has a message for individuals who want to enter the security testing profession today: No hackers allowed, thank you.
The Obama administration's plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, according to experts who raise open questions about the proposal.
Regulatory compliance expert Harry Rhodes says it's essential to have a formal process in place for objectively assessing whether a security incident needs to be reported as a breach.
Lacking technology is not the problem, says attorney Lucy Thomson. It's that today's technology is not being adequately used to fight modern cybersecurity threats.
"Our security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect the intrusion quickly, all perhaps by design," Sony Computer Entertainment America Chairman Kazuo Hirai said in a letter to Congress.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Intel CISO Malcolm Harkins says the Sony PlayStation breach reminds CISOs in all sectors that such incidents can't be avoided, but their risks can be managed.
Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.