A string of data breaches in recent months has put the spotlight on the need to take adequate precautions to protect sensitive information. From hackers issuing phony digital certificates to million of patients having their records potentially exposed as a result of lost or stolen backup files, breaches point to the...
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
A federal appeals court has ruled in favor of victims of the 2007 Hannaford data breach. Attorney Ronald Raether explains the ruling and what it potentially means to future breached entities and their customers.
Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal healthcare regulators, explains why she's frustrated by delays in rolling out new regulations to protect electronic health records and safeguard the exchange of patient information.
Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
It's a corporate account takeover scheme - with a twist. The scam involves money mules and distributed denial of service attacks. "This is an entirely different scenario," says Mike Smith of Akamai Technologies.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
The ongoing delay in the release of final versions of HIPAA modifications and the HIPAA breach notification rule makes it more difficult for healthcare organizations to set information security investment priorities, says hospital privacy officer Kari Myrold.
Ongoing HIPAA compliance training is key to breach prevention, says Terrell Herzig of UAB Medicine. Yet many healthcare organizations are lacking in their efforts, according to results from the Healthcare Information Security Today survey.