Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
Virtually every industry is prone to cyberattacks, online fraud and identity theft. For years' banks have secured online transactions for commercial accounts and private banking customers via multifactor authentication. Now through organizations like the NCSA and HIMSS, multifactor authentication may finally become...
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Nine technology companies have recently founded the Vendor Security Alliance (VSA), an independent, non-profit coalition that aims to help member companies evaluate or assess the security and privacy of third-party providers whom they heavily rely on and even entrust their users most important data with. They also...
If you look beyond the political bickering and study the cybersecurity platforms that presidential candidates Hillary Clinton and Donald Trump have posted on their campaign websites, you'll see that their approaches are similar in some respects.
New long-awaited federal guidance clarifies that cloud services providers that handle protected health information are nearly always considered business associates under HIPAA and, as a result, must meet the regulation's security requirements.
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
Sadly, users are still their own worst enemy as they are not taking the safeguards to help protect themselves in digital mobile market today. As reported by Infosecurity Magazine, today, only 45% report locking their phone with a pin, password or biometric. Yet 83% of consumers are extremely, very or somewhat...
Because the legal relationships between healthcare organizations can be very complex, it's not always crystal clear when business associate agreements should be in place to help safeguard patient data, says privacy attorney Adam Greene. He explains the legal issues in this in-depth interview.
Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss offers new ideas for how security leaders can better manage and secure identities.
The Yahoo breach - and the theft of unencrypted security questions and answers - is a reminder to use unique passwords and security questions, store them using a password safe and take advantage of two-factor authentication whenever it's available.