In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
The long overdue final HIPAA omnibus rule has been released. The package includes extensive modifications to the HIPAA privacy, security and enforcement rules as well as an updated version of the HIPAA breach notification rule.
Two new insider fraud cases showcase the challenges organizations face to detect and prevent crimes by trusted employees. "You need IT controls, but you need more than IT," says researcher Randy Trzeciak.
How are banks responding to DDoS phase 2? "From a technology standpoint, we have improved our defenses quite a bit," says Dan Holden of Arbor Networks. Experts discuss top DDoS lessons banks have learned.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
In this week's breach roundup, regulators are investigating a possible breach involving Kaiser Permanente and a business associate, and hackers compromise servers at a University of North Carolina cancer center.
What are the top account takeover threats to banking institutions in 2013? Ken Baylor of NSS Labs discusses Zeus variants, mobile malware and how institutions can protect themselves from fraudsters....
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.