"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
The announcement by RSA that it had been a victim of an advanced persistent threat shook the global information security industry. Stephen Northcutt of SANS Institute and David Navetta of the Information Law Group offer insight on what happened, what it means and how to respond.
Insurer Health Net is notifying 1.9 million individuals that their healthcare and personal information may have been breached as a result of nine server drives missing from a California data center managed by IBM.
Virtually every company has protection against email-based viruses and spam. But what about protection of email? Unsecured email travels across the Internet as plain test and can reside for months on multiple servers, vulnerable to interception by hackers and data thieves. You may as well have put it on a postcard...
Lengthy downtime, data losses, and security breaches can harm business results, bringing business to a halt: stopping the flow of orders, reducing sales revenue, and interfering with the supply chain. These downtimes could potentially impact a company's ability to compete with other organizations that were unaffected,...
In the second major HIPAA enforcement action announced by federal authorities this week, Massachusetts General Hospital and its physicians organization have entered into a resolution agreement that calls for paying a $1 million settlement and taking corrective action to avoid future violations.
The owner of four clinics in Maryland has been fined $4.3 million for HIPAA privacy rule violations that involved failing to provide 41 patients with access to their medical records and then failing to cooperate with federal investigators.