Rather than taking specific steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says Lance James of Deloitte &Touche.
The Office of Personnel Management is notifying 4 million current and former federal government employees that their personally identifiable information may have been exposed by a breach of its IT systems that the government discovered in April.
A cyber-insurer that paid more than $4 million to settle a class action suit filed against its client, Cottage Health, in the wake of a 2013 data breach is now trying to claw back the payments. What lessons can others learn from the dispute?
The NSA secretly widened its warrantless surveillance of Americans' international Internet traffic to seek evidence of malicious computer hacking, according to published reports based on documents leaked by former NSA contractor Edward Snowden.
Law enforcement officials estimate that fewer than 200 people in the world build the core infrastructure and tools relied on by cybercriminals who would otherwise lack such capabilities. What's the best way to stop them?
Comptroller of the Currency Thomas Curry says banks need to be better prepared to address the cyber-risks associated with new payments systems, and he calls for closer regulatory scrutiny of non-bank payments providers.
Federal and state agencies should take more steps to prevent Medicaid fraud, such as fraudsters using the identities of deceased patients or providers to receive payments, according to a government watchdog agency.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
Hours after the Senate approved the USA Freedom Act, President Obama signed the legislation to restrict the way the National Security Agency collects information about Americans' telephone calls.
In a case also involving kidnapping and drug conspiracy, two individuals - a former hospital worker and a convicted drug trafficker - have been sentenced to prison for HIPAA privacy violations. Learn who received the maximum sentence.
NASSCOM and DSCI have launched a cybersecurity task force to help develop India as a global R&D hub. Experts question whether the sponsoring organizations have set the right agenda for this new entity.
Inspector General Russell George says hackers would have had a tougher time breaching the IRS "Get Transcript" system if the agency had implemented IG recommendations, but he stops short of saying the safeguards would have prevented the hack.
The consolidated class-action lawsuit filed by banking institutions against Home Depot is more evidence of how issuers are no longer relying solely on card brands to be compensated for breach losses and expenses.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.