Enacting legislation to compel tech companies to help law enforcement decrypt data on mobile devices would diminish America's standing as a moral leader in the world, a nation looked up to by billions of people, even with our many flaws.
The scant - if not conflicting - details and sourcing attached to a recent news report on how the FBI cracked an iPhone 5c have left information security experts questioning both technical details and related agendas.
By a 28-0 vote, the House Judiciary Committee has approved legislation to require law enforcement to obtain a warrant before compelling third-party providers, including those offering cloud services, to surrender their customers' email and text content.
The IRS, which has been plagued by data security incidents, faces the loss of key IT and data security personnel over the next year unless Congress renews a lapsed law that boosted the pay of top-notch personnel temporarily recruited from the private sector, IRS Commissioner John Koskinen tells Congress.
Healthcare organizations are well aware of the importance of data security. Each year over 65 million people are affected by data breaches, costing healthcare providers approximately $6 billion. And these numbers continue to grow, putting them at risk for violating HIPAA and HITECH regulations, litigation and loss of...
The Obama administration proposes to spend $3.1 billion next year to seed a fund designed to improve cybersecurity by modernizing federal IT. It's part of a legislative proposal to establish a board of government IT security experts to identify the highest priority modernization projects.
The continuing success of attackers stealing billions of dollars from organizations, often through simple business email compromise scams, is a sad commentary on the state of corporate security practices as well as our collective lack of cybersecurity smarts.
A court has approved settlement of a class-action lawsuit filed by employees of Sony Pictures in the wake of its massive 2014 breach. But some legal experts say the consumer protections provided in the settlement do not go much beyond what the company should have routinely provided to victims in the wake of a breach.
Health insurer Anthem, the victim of a massive hacker attack, failed in its effort to persuade a court to allow it to inspect certain customers' computers to help it fight a class-action lawsuit tied to the breach. Why did Anthem make the move? And what issues does it raise?
The massive "Panama Papers" data leak apparently was enabled by a law firm failing to have the right information security defenses in place. The breach calls attention to the need for all organizations to encrypt sensitive data, use access controls as well as monitor access patterns for signs of data exfiltration.
Federal regulators have quietly released an updated, extremely detailed protocol for use in phase two of HIPAA compliance audits of covered entities and business associates later this year. Experts say the protocol also can be a helpful tool in self-assessing compliance as well as security strategies.
Revelation of 321 attempts to place ransomware on federal government computers in the second half of last year raises a number of questions about the effectiveness of the Einstein intrusion detection and prevention system as well as how the government responds to such attacks.
If you cast the Panama Papers leak in terms of class warfare, this isn't the first time that a faceless few have acted for what they perceive to be the good of the proletariat, in a bout of hacker - or insider - vigilantism.
At least seven class action lawsuits have been filed against 21st Century Oncology, a cancer center chain that recently reported a hacker attack that compromised the data of 2.2 million individuals. But those filing the suits have an uphill climb, some legal experts say, based on the outcomes of similar cases.