At the first of two Congressional hearings this week, Facebook CEO Mark Zuckerberg on Tuesday faced questions from Republicans and Democrats alike about whether the government should more closely regulate his firm and others.
As payment card fraud schemes continue to evolve, the PCI Security Standards Council has to recalibrate its standards and programs, says Troy Leach, the council's CTO, who describes three key updates.
In this era of "fake news," Time Inc. Deputy CISO Preeti Palanisamy takes seriously the challenge of maintaining the integrity of journalism from content creation through production and eventual publication.
With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.
FireEye has noticed an emerging trend: Breach investigations are increasingly prompting audits intended to ensure publicly traded companies are compliant with Sarbanes-Oxley. IT has changed dramatically since SOX became effective 16 years ago. Here's what to keep in mind.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Government cyber teams must adopt a modern and evolving security operations model and an analytics-driven approach to cybersecurity if they hope to keep pace with the evolving threat landscape.
The New Jersey state attorney general has smacked a medical practice with a $418,000 penalty for a 2016 HIPAA breach involving a vendor's misconfigured server. The case is the latest example of the risks posed by vendors.
Should federal regulators provide physicians with a free pass from having to conduct a HIPAA risk analysis or face a random HIPAA compliance audit if they implement a cybersecurity framework? That's what the AMA is proposing. Security experts weigh in with reactions.
Facebook CEO Mark Zuckerberg says the social networking company is already complying with parts of Europe's GDPR privacy legislation, but it won't comply with all of its requirements worldwide. Zuckerberg's comments are likely to rile critics following the uproar around voter-profiling firm Cambridge Analytica.
CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation's top HIPAA enforcer. So, what changes are being considered?
Despite the White House's request for deep budget cuts, Congress passed and President Trump signed into law last week flat funding for the current fiscal year for the two federal agencies responsible for health information privacy and security issues, including HIPAA enforcement.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.