Healthcare organizations can take several key steps to help avoid the scrutiny of their state's attorney general and defend against possible class action lawsuits in the aftermath of data breaches, says privacy attorney David Navetta.
Editor's Note: Excerpts of this interview appear in ISMG's Security Agenda magazine, distributed at RSA Conference 2014.
Privacy should be built into the design of all healthcare information technology and related processes, says Michelle Dennedy, who's writing a book on the concept of "privacy by design."...
Expenses linked to the data breach at Target Corp. have already cost the 58 member institutions of the Consumer Bankers Association more than $170 million - a price they should not have to pay, says the association's David Pommerehn.
Employing quantum physics, Yi-Kai Liu, a computer scientist at the National Institute of Standards and Technology, is attempting to devise a way to create a one-shot memory device that could help secure transactions or administrative passwords.
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
The ongoing epidemic of health data breaches involving unencrypted laptops demonstrates why many healthcare organizations need to conduct more meaningful risk assessments, says security expert Dan Berger.
When breaches result from retailers' lax security practices, merchants should be obligated to help banking institutions cover fraud losses and other post-breach expenses, says Viveca Ware of the Independent Community Bankers of America.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Retail data breaches are growing. ISight Partners' Tiffany Jones, a researcher who helped the Department of Homeland Security prepare its report about malware attacks, offers new insight into the latest cyber-attacks.
Cybercriminals exploiting weaknesses in how users employ passwords is a significant factor behind an increase in records exposed in breaches during 2013, says Craig Spiezle of the Online Trust Alliance.
In 2013, attackers proved that sophisticated DDoS attacks could be launched as effective disruptions and distractions. What are the evolving solutions that now help organizations mitigate these strikes?