Recent data breaches in Washington state and Florida illustrate that government health agencies can be just as vulnerable to security incidents involving sloppy breach prevention or detection practices as healthcare organizations in the private sector.
The IRS, which has been plagued by data security incidents, faces the loss of key IT and data security personnel over the next year unless Congress renews a lapsed law that boosted the pay of top-notch personnel temporarily recruited from the private sector, IRS Commissioner John Koskinen tells Congress.
Healthcare organizations are well aware of the importance of data security. Each year over 65 million people are affected by data breaches, costing healthcare providers approximately $6 billion. And these numbers continue to grow, putting them at risk for violating HIPAA and HITECH regulations, litigation and loss of...
A British man who pleaded guilty to selling homemade distributed denial-of-service attack tools reportedly used to carry out more than 600,000 attacks has escaped jail time, with a judge calling him "young and naïve."
The Obama administration proposes to spend $3.1 billion next year to seed a fund designed to improve cybersecurity by modernizing federal IT. It's part of a legislative proposal to establish a board of government IT security experts to identify the highest priority modernization projects.
A House committee is seeking information about security breaches at the Federal Deposit Insurance Corp. in the wake of a former employee "inadvertently' departing the agency with a storage device that contained sensitive data on more than 44,000 individuals.
Security experts are once again warning all Flash users to either update or uninstall the browser plug-in software to protect themselves against active exploit kit attacks that are targeting a zero-day Flash flaw to install ransomware.
As the threat of malware infections, especially those involving ransomware, grows, organizations need to balance their perimeter-based security practices with an "intrusion tolerance" strategy that helps ensure a quick recovery, says medical device cybersecurity expert Kevin Fu.
The continuing success of attackers stealing billions of dollars from organizations, often through simple business email compromise scams, is a sad commentary on the state of corporate security practices as well as our collective lack of cybersecurity smarts.
Organizations spend over 10 percent of their IT budgets on security, yet breaches continue to rise. Much of the problem revolves around the fact that most organizations have countless point tools, most of which don't work together to keep the organization secure and responsive.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
New guidance from the National Institute of Standards and Technology could help make it easier and less expensive for organizations to encrypt and decrypt some forms of data, including Social Security and credit card numbers.
Health insurer Anthem, the victim of a massive hacker attack, failed in its effort to persuade a court to allow it to inspect certain customers' computers to help it fight a class-action lawsuit tied to the breach. Why did Anthem make the move? And what issues does it raise?
The massive 'Panama Papers' leak demonstrates how law firms are at risk from internal and external attackers seeking to access confidential information. Experts offer insights on how these firms, and others, can better defend their clients' secrets.
Government auditors question the effectiveness of a U.S. military response to aid civil authorities during cyber-related emergencies because it's unclear which one of two defense units would lead such operations.