Over the years, HHS has released several guidance documents, but all are weak and without mandates as it relates to identity management and authentication of entities accessing protected health information. Guidance typically includes words like "may" and "should," but rarely include words like "shall" or "must."
Hack attack victims often ask two questions: "Who did it? And can we hack them back?" But after an attack, with time of the essence for blocking further damage, those are the wrong questions for breached organizations to be asking, data breach response expert Alan Brill says in this audio interview.
Ransomware is going to get personal. Password managers will be huge targets. And we will see the rise of a whole new exploit kit. These are among the 2017 security predictions from Malwarebytes Laboratories. CEO Marcin Kleczynski offers insight on how to prepare.
How much time and effort will consumers put into protecting themselves from identity theft and financial fraud? That was the question posed by Aite Group's Julie Conroy in researching the new Global Security Engagement Scorecard. And the answer might just surprise you.
Leading the latest edition of the ISMG Security Report: an analysis of the impact on healthcare information security and privacy of the 21st Century Cares Act, which President Obama signed into law Dec. 13. Also, a report on the spread of malvertising and an update on the Bangladesh Bank cyber heist.
In the latest sign that when it comes to data, absolutely nothing is sacred, hackers have set their sights on fans of Kentucky Fried Chicken, and in particular 1.2 million members of its Colonel's Club loyalty program in the U.K. and Ireland.
Hackers are increasingly taking advantage of new technologies, including analytics and artificial intelligence, to launch more sophisticated attacks and commit cybercrimes, Bill Fox, a former federal prosecutor, explains in this interview.
An internal investigation into the February theft of $81 million from the central bank of Bangladesh reportedly found that a handful of negligent and careless bank officials inadvertently helped facilitate the heist by outside hackers.
A report on the former head of the NSA and CIA questioning President-elect Donald Trump's understanding of cybersecurity leads the latest edition of the ISMG Security Report. Also, House Homeland Security Committee Chairman Michael McCaul outlines his vision of Congress' cybersecurity agenda for 2017.
In an in-depth audio interview, Troy Leach of the PCI Security Standards Council describes just-released guidance that's designed to help organizations simplify network segmentation, a practice the council strongly recommends to help protect payment card data.
Federal regulators have issued an alert urging healthcare sector organizations to take specific steps to prevent falling victim to distributed denial-of-service attacks. Security experts offer an assessment, plus additional tips.
MSN and Yahoo are among the major websites hit by a wave of malicious advertisements that try to deliver malware to computers. It's a resurgence of activity by a group called AdGholas, which was active in July.
According to one report, barely one-third of global organizations feel prepared to handle a modern cyberattack such as malvertising or ransomware. Justin Dolly of Malwarebytes explains how security leaders can step up their game in 2017.