Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
Kathryn Marchesini, a privacy adviser at the Office of the National Coordinator for Health IT, outlines the three most important steps healthcare organizations should take to avoid breaches of information on mobile devices.
Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?
In recent weeks, the federal tally of major health information breaches has been growing at a relatively slow pace. Is that evidence that healthcare organizations are getting better at preventing breaches?
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
The Walgreens drugstore chain will pay $16.6 million to settle a California case involving improper disposal of hazardous waste, as well as certain confidential patient information, in dumpsters near their stores.
As seen on YouTube, South Carolina Gov. Nikki Haley, more than any other chief executive, in or out of government, is out front leading the response to a breach of its tax system. It's been an education for the governor as well as South Carolinians.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.