A recent hacker attack targeting a revenue cycle management software and services vendor, which impacted more than 31,000 patients at 11 healthcare organizations, illustrates the potentially broad security risks posed by business associates.
The EU's General Data Protection Regulation, which has tough breach notification requirements, is spurring global interest in technologies to help prevent insider breaches, says Tony Pepper of Egress Software Technologies.
Does social media fuel toxic politics and racial tension? We're still in the early of days of understanding the long-term effects of social media on society, but the early signs aren't good. It's time for social networks to take moral responsibility for content on their networks - even if they don't want it.
A new council of healthcare CISOs hopes to work together toward improving uniformity and efficiency in the way organizations review the security controls and practices of third-party vendors that handle sensitive patient data.
Three months after the EU's General Data Protection Regulation went into full effect, the U.K.'s data privacy watchdog says that the number of data protection complaints it has received from individuals has nearly doubled.
Managing the cost of compliance is becoming an increasing concern for financial institutions. The dearth of experienced compliance professionals, the growing influence of big data, and escalating risk are contributing to the challenges these organizations face. There are proven strategies that can be executed to...
A previously unnamed U.S. energy company that agreed to a record $2.7 million settlement after it left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations has been named as California utility PG&E.
Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.
Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.
With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebook's CSO, says there isn't time to properly safeguard this year's elections. But here's what he says can be done in time for 2020.
Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 6.1 million.