An HHS inspector general report on the shortcomings of a government contractor's USB drive security practices is a reminder of why all healthcare organizations need to control the use of mobile storage media and ports.
Researcher Billy Rios and a partner found password vulnerabilities in 300 medical devices, prompting the Department of Homeland Security to issue a security advisory to device manufacturers, healthcare facilities and users.
President Obama wants Americans to trust his administration on the way it collects data from Internet and telephone communications in the search for terrorists. Does the president deserve that trust?
The implementation of IPv6, the new Internet communications protocol, will have a major impact on identity and access management. EMC researcher Davi Ottenheimer explains how organizations should prepare.
Organizations generally do a good job focusing on governance, risk and compliance. But breaches add up, and LockPath CEO Chris Caldwell wonders "Where is the 'S' in GRC?" - where is the security?
Advanced threats and mobile security were the buzzwords of the Gartner Security & Risk Management Summit. What new insights did thought-leaders share, and how can they reshape our security posture?
The FDA has issued draft guidance urging medical device makers to develop cybersecurity controls. It has also released tips for how healthcare organizations can mitigate cybersecurity risks to devices.
In the face of advanced threats, organizations need to shift their security posture from breach prevention to incident response, says Tom Cross of Lancope, who discusses new strategies.
Having the right log and access management tools in place - and not all tools are used by all agencies at all times - doesn't mean that the proper authorities are alerted in a timely manner to activities that could jeopardize the nation's security.
Secure messaging based on the Direct Protocol may eventually be applied globally because of worldwide interest in health information exchange, some backers say. The protocol incorporates international standards.
A recent ATM cash-out scheme that netted $45 million puts a spotlight on the need for preventive measures, says John Buzzard of FICO's Card Alert Service. He offers several fraud mitigation tips.
On average, 86 percent of web applications have at least one serious vulnerability, and each app is attacked about 4,000 times per year, says Imperva's Terry Ray. So, how must security be improved?
Operating in a cloud environment opens up organizations to a new dimension of insider threat problems, says Alex Nicoll of Carnegie Mellon University's CERT Insider Threat Center.
Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.