It's "cyber party" time, as self-described "eccentric millionaire" - and onetime anti-virus company founder - John McAfee announces that he's entering the 2016 U.S. presidential race with a newly created party that will focus on security and privacy.
To prepare for next year's resumption of HIPAA compliance audits, organizations must be ready to demonstrate how they're complying with the revised breach notification rule and how they're providing patients with electronic access to records, says attorney David Holtzman.
If there's one thing federal regulators want to drill into the heads of covered entities and business associates about data breach prevention, it's this: Stop procrastinating, and conduct a risk analysis and encrypt most of your computing devices right away.
BlackBerry plans to buy mobile device management rival Good Technology for $425 million. BlackBerry must prep for a future in which it no longer manufactures hardware - and that's why this deal makes sense.
Mozilla, which maintains the Firefox browser, says an attacker infiltrated its bug-tracking tools, stole information on an unpatched flaw, and exploited users for at least three weeks, before the flaw was patched.
Match.com suspended all advertising on its U.K. site after discovering that one of its third-party advertising provider's networks had been infiltrated by a malware-serving campaign. The incident follows U.K. dating site Plenty of Fish recently falling victim to a similar campaign.
Sony Pictures Entertainment has reached a tentative deal to settle a class-action lawsuit filed against it, stemming from its 2014 data breach, which resulted in the leak of personal information for up to 50,000 employees.
FDA official Suzanne Schwartz, M.D., expects more medical device security vulnerabilities to come to light in the year ahead. The FDA soon will issue new guidance addressing the cybersecurity of medical devices already in use.
The HHS Office for Civil Rights is getting closer to resuming the HIPAA compliance audit program, says OCR Director Jocelyn Samuels. Plus, OCR has completed another major breach-related settlement, and it's firming up plans for several new compliance-related initiatives.
The U.S. Office of Personnel Management promises that it will soon notify 21.5 million individuals that their background-check information was breached. Meanwhile, the government has lined up notification and response services for future needs.
Government agencies used to be the top attack target, as well as the top source of threat intelligence. How did the private sector turn the tables, and what can government do to improve? Rapid7's Wade Woolwine offers insight.
More hackers are exploiting remote-access and network vulnerabilities, rather than installing malware to invade networks and exfiltrate data, says Dell SecureWorks' researcher Phil Burdette. That's why conventional breach-detection tools aren't catching the intrusions.
In the wake of hacker attacks, which have left healthcare providers uncertain about what security steps to take, the Office of the National Coordinator for Health IT is working to help organizations sort out role-based identity and access management issues, says ONC's privacy officer, Lucia Savage.
Policymakers must consider three factors before imposing sanctions in retaliation for state-backed hacks: Confidence in its attribution of responsibility, the impact of the incident and the levers of national power at a state's disposal.