The latest annual Office of Management and Budget report to Congress on agencies' FISMA compliance shows IT security is complex and tough to effectively implement, with authentication, in particular, a challenge.
The Senate Intelligence Committee could consider in the coming days new cyberthreat information sharing legislation that's seen as more to the liking of the business community than the measure proposed by President Obama.
Massive breaches, such as the recent hacker attack on health insurer Anthem, highlight why it's important for organizations to understand their breach notification obligations under state laws as well as HIPAA, says attorney Brad Rostolsky.
Word that Hillary Clinton maintained a personal email server while secretary of state has elevated cybersecurity and privacy as political issues. But it's just the latest example of such issues grabbing the attention of U.S. voters.
Small and mid-size businesses might not be able to afford participating in voluntary programs to share and receive cyberthreat information, as President Obama has proposed, industry representatives tell Congress.
A recent incident involving disposed in a vendor's dumpster is an example of why healthcare organizations say business associates taking inadequate security steps ranks as their No. 1 perceived breach threat today.
Congress has voted to fund the Department of Homeland Security through September, the end of the fiscal year, averting another threatened shutdown that would have curtailed some cybersecurity programs.
A class action lawsuit has been filed against a hospital company and a business associate for an insider breach that affected more than 82,000 individuals. The suit alleges patients didn't get the privacy protections they "paid for."
A willingness to compromise expressed at a House hearing on President Obama's cyberthreat information sharing initiative offered a sign of hope that legislation to get businesses to share such data could pass Congress and be signed into law.
Texas has dropped a lawsuit that it filed last year against Xerox related to a dispute over access to Medicaid records containing PHI. Nevertheless, the case remains as one of the largest health data breaches listed on the federal tally.
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.