If Facebook can't reach a penalty agreement with the FTC, the regulator could take the case to court and call on senior executives, such as CEO Mark Zuckerberg (pictured), to testify.

Report: Facebook Faces Multibillion Dollar US Privacy Fine

Mathew J. Schwartz • February 15, 2019

The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures. But the social network is alarmed about the proposed settlement agreement's terms and conditions, The Washington Post reports.

Application Security

US Intensifies Pressure on Allies to Avoid Huawei, ZTE

Latest

Blockchain & Cryptocurrency

Protecting Cryptocurrency in the Era of 'Deep Fakes'

Nick Holland • February 15, 2019

The latest edition of the ISMG Security Report highlights how thieves can use "deep fake" photos in an attempt to steal cryptocurrency. Also featured: A discussion of the implications of "data gravity" and an analysis of whether the era of mega-breaches is ending.

Artificial Intelligence & Machine Learning

HIMSS19: The Cybersecurity Obstacles, Opportunities Ahead

Marianne Kolbasuk McGee • February 15, 2019

Another annual HIMSS conference is in the rear-view mirror. But what's up the road in terms of top cybersecurity-related challenges facing the healthcare sector?

Blockchain & Cryptocurrency

Blockchain in Healthcare: The Potential Benefits, Risks

Marianne Kolbasuk McGee • February 14, 2019

Indiana University Health is evaluating the use of blockchain in two areas to improve healthcare information security, Mitch Parker, CISO, says in an interview at the HIMSS19 conference. He sizes up the potential risks and benefits.

Cloud Security

Data Gravity: Will It Weigh Down Cloud Security?

Nick Holland • February 13, 2019

The 2019 RSA Conference offers an opportunity to learn about new concepts across all aspects of cybersecurity. One such area is "data gravity," which will be the topic of a session featuring Microsoft's Diana Kelley and Sian John. They discuss the concept in a joint interview.

Cybercrime

No-Deal Brexit Threatens British Crime Fighting

Mathew J. Schwartz • February 12, 2019

British police say they're doing their best to cope with the possibility that the U.K. will crash out of the EU in 45 days and lose access to joint policing resources. But Richard Martin of the Met Police says replacements "will not be as efficient or effective as the tools we currently use."

3rd Party Risk Management

RSA Conference 2019: A Preview

Nick Holland • February 12, 2019

What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.

Compliance

HIPAA Enforcement Update: Areas of Focus

Marianne Kolbasuk McGee • February 12, 2019

The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.

Governance

Keeping Incident Response Plans Current

Marianne Kolbasuk McGee • February 12, 2019

Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.

Endpoint Security

Medical Device Cyber Risk: An Enterprise Problem

Marianne Kolbasuk McGee • February 12, 2019

Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps.

Analytics

Health Data Security: The Most Promising Technologies

Marianne Kolbasuk McGee • February 11, 2019

Analytics, artificial intelligence and machine learning are increasingly playing promising roles in healthcare data security, say Ron Mehring, CISO at Texas Health Resources, a large delivery system, and Axel Wirth of Symantec, a technology vendor. They were featured speakers at the HIMSS19 conference.

Cloud Security

Assessing IoT Risks in Healthcare Environments

Marianne Kolbasuk McGee • February 11, 2019

Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.

Data Breach

Cottage Health Hit With $3 Million HIPAA Settlement

Marianne Kolbasuk McGee • February 8, 2019

Federal regulators have hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases.