Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
Like the Target breach a year ago, the Sony Pictures Entertainment hack that's grabbed recent headlines will prove to be a catalyst for change, grabbing the attention of CEOs and board members and spurring them to beef up information security.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
A federal judge has denied Target's motion to dismiss a class action lawsuit brought against it by several banking institutions following the retailer's December 2013 data breach that exposed 40 million credit and debit cards.
Retailers say tokenization and encryption are critical to ensuring payment card data security. Aite's Natalie Reinelt describes how merchants will use layers of security to protect data at the point of capture.
A new U.K. government report accuses social networks of serving as a "safe haven for terrorists," inflaming what some see as tense relations in the post-Snowden era between the British government and Silicon Valley.
An ongoing legal dispute between the Texas Health and Human Services Commission and its former contractor, Xerox, has led the state agency to report a breach it claims affected 2 million individuals. Learn what both sides have to say about the case.
The FDIC reveals more details about pending cybersecurity guidance that is expected to address specific types of cyber-attacks. Industry analysts say these new guidelines could signal more frequent updates from regulators.
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.
Legal experts size up class action lawsuits filed in the wake of two breaches, one affecting customers of the Jimmy John's restaurant chain and the other affecting employees and contractors of Coca-Cola.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.