Cybersecurity incidents have evolved considerably since the TJX and Heartland breaches of 2007-08. And so has the discipline of incident response, says former prosecutor Kim Peretti, now a partner at the law firm Alston & Bird. She defines incident response 2.0.
In this special edition of the ISMG Security Report, you'll hear an edited version of an ISMG Fraud and Breach Prevention Summit keynote panel in which current and former federal cybersecurity officials assess the IT security agenda of the Donald Trump administration.
The 21st Century Cures Act presents a number of critical but challenging issues pertaining to the advancement of nationwide secure health information exchange that federal regulators must address, David Kibbe, M.D., president and CEO of DirectTrust, explains in this in-depth interview.
British Airways grounded all flights at London's two biggest airports starting Saturday, leading to multiple days of disruptions. The airline has blamed a power surge for its IT failures, but experts have questioned the airline's resiliency and disaster recovery planning and testing.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
To offset some of the Trump administration's proposed cuts to the budget for the HHS Office for Civil Rights, which enforces HIPAA, the agency proposes to take advantage of another source of revenue. But will the HIPAA compliance audit program survive and thrive?
A number of media reports have recently suggested there's a "link" between WannaCry and the Lazarus hacking group, implying that North Korea authorized the ransomware campaign. But based on the evidence available so far, it's much too early to attribute the attacks to anyone.
A New York City hospital has paid a hefty HIPAA settlement to federal regulators for privacy breaches that impacted just two patients but involved the impermissible disclosure of sensitive medical information, including HIV status.
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.
The Donald Trump administration, in its fiscal 2018 budget, outlines steps it contends would strengthen the U.S. federal government's information systems, even as it would cut some cybersecurity spending at specific agencies.
The WannaCry ransomware outbreak showcases the problem: Security pros are overwhelmed by vulnerabilities that could be simple to mitigate, if only they had the right info at the right time. Humphrey Christian of Bay Dynamics discusses how to improve vulnerability risk management.
The WannaCry ransomware outbreak was a huge "wake-up call" for the global information security community, says Dan Schiappa of Sophos. It's time to patch those legacy systems and prepare for the inevitable next big crimeware scare, he says.
The Trump administration's detailed budget proposal for fiscal 2018 calls for hefty cuts for the two Department of Health and Human Services agencies responsible for health data privacy and security issues, including HIPAA enforcement. What's the potential impact?