The deadly hurricane season has prompted federal regulators to issue several specific HIPAA waivers in recent weeks. But are such waivers really necessary? And what actions can healthcare providers take during a crisis even without a waiver?
A federal watchdog agency has announced it will scrutinize HHS's incident response capabilities as well as Obamacare's security controls. The agency has also issued a new report finding security gaps in Alabama's Medicaid information systems security.
Top IT security and information risk experts, including former RSA Executive Chairman Art Coviello, analyze the struggles Equifax faces in the wake of a massive data breach in the latest edition of the ISMG Security Report.
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
Through an ongoing series of Healthcare Security Readiness workshops, key gaps in how healthcare organizations defend against cybercrime hacking have emerged. Has your organization assessed and mitigated gaps in security...or are even aware of what they are?
In the following ISMG interview transcript, David...
An ongoing series of Healthcare Security Readiness workshops reveals some key gaps in how healthcare organizations defend against cybercrime hacking. How should entities assess and mitigate these gaps? David Houlding of Intel shares insights.
A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital certificates that were issued by Symantec before June 1, 2016.
The landscape of user authentication is changing rapidly. A vanishing perimeter and the continuing explosion of cloud-based applications and mobile devices are blurring old boundaries - creating more islands of identity and forcing organizations to reimagine identity and access strategies. And, with four out of five...
CISOs have plenty to keep them up at night. With data breaches, ransomware incidents and system compromises, security leaders are forced to find ways to beat threats without slowing their pace of business. If they fail to effectively manage those risks, their organizations can face huge consequences.
While process...
Lenovo will pay $3.5 million to the U.S. Federal Trade Commission and 32 states to settle a case brought against it over advertising software with serious security issues that was preinstalled on thousands of the company's laptops.
Angler phishing targets customers of financial services firms more often than any other industry. When a customer tries to connect to with you, the attacker responds through a lookalike social media account and tries to obtain your customer's account credentials. This can lead to real monetary losses, a damaged brand,...
The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other criminals. Also, we offer tips on how to recruit scarce IT security pros.
An incident involving HIV information being potentially visible through envelope windows on thousands of letters mailed to members of Aetna's pharmacy benefits plans is an important reminder that even routine mailings present privacy risks.
Two new reports by a federal watchdog agency hit a familiar theme: Some state Medicaid systems have weaknesses that potentially put sensitive data and government operations at risk.
From a security perspective, moving your applications and data to AWS does not necessarily eliminate or minimize your security challenges. Regardless of their location - public, private cloud or physical data center - your applications and data are an attacker's target, and protecting them in AWS introduces the same...
