The agency that enforces HIPAA is urging healthcare organizations and their business associates to ramp up their efforts to share information on cyber threats as part of a broader effort to develop more mature information security programs.
A one-character coding error by Cloudflare exposed data - that otherwise would have been encrypted - from major web services, putting personal information, chat messages, OAuth tokens, encryption keys and cookies at risk.
Paid breach notification site LeakedSource has disappeared. Given the site's business model - selling access to stolen credentials to any potential buyer - breach notification expert Troy Hunt says the site's demise is no surprise.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
What's required to access the Dark Web? And how does one separate fact from fiction? These are two of the five things Dark Web users need to know, says Danny Rogers, co-founder and CEO of Terbium Labs.
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
At the request of German authorities, British police have arrested a suspected hacker involved in last year's disruption of 1 million Deutsche Telekom customers' routers via Mirai malware, which targets default credentials on internet-connected devices.
State officials who oversee elections have formally objected to a DHS designation of America's electoral system as critical infrastructure. The National Association of Secretaries of State is asking DHS Secretary John Kelly to rescind the designation made by his predecessor, Jeh Johnson.
Verizon will pay $350 million less for Yahoo than it first offered because the deal subsequently became tainted by three data breach disclosures. Yahoo's lower value is a study in how data breaches can impact big business transactions.
Major healthcare breaches involving hackers accessing patient information soared in 2016. But now more cybercriminals are shifting their attention to ransomware attacks because of the glut of stolen health information hitting the black market, says Dan Berger of CynergisTek.
Organizations are increasingly turning to user behavioral analytics to help more quickly detect new attacks - emanating from inside or outside the enterprise - as well as mitigate those threats, says CA's Mark McGovern.
Staying current in threat detection is key, which is why more security companies need to embrace a more open way of thinking when it comes to solutions integration, says Christopher Kruegel, CEO of Lastline.
A pending federal regulation - called for under the HITECH Act - that would allow regulators to share with breach victims money collected in HIPAA violation cases eventually could have implications for class-action breach lawsuits, says privacy attorney Adam Greene.
Increasing regulatory oversight is overwhelming smaller banks and credit unions, pushing them to continue to focus more on compliance than overall cybersecurity and resilience, says Sean Feeney, CEO of Defense Storm.