Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.
"Persistent" is the operative word about the advanced persistent threat that has struck RSA and its SecurID products. "If the bad guys out there want to get to someone ... they can," says David Navetta of the Information Law Group.
"It is the biggest breach we have ever seen; and to say no financial information has been stolen is, well, understating the massive breach and concern," says Neil Schwartzman, founder and chief security specialist at CASL Consulting.
A California hospital is notifying more than 514,000 patients of a breach of a limited amount of personal information stemming from the theft of an unencrypted computer.
After the revelation of Operation Aurora, the term began to take on a different meaning. "In essence," IBM's X-Force report says, "APT became associated with any targeted, sophisticated or complex attack regardless of the attacker, motive, origin or method of operation."
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Although many organizations are using encryption to protect data on mobile devices, they're often overlooking other important ways to prevent health information breaches, says Terrell Herzig, information security officer at UAB Medicine.
Enforcing standards for privacy and security is a major part of a new health information exchange accreditation program, says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
Cybersecurity threats are growing exponentially, but preparedness varies by country, says Philip Victor of the International Multilateral Partnership Against Cyber Threats, located in Malaysia.
Users of RSA's SecurID two-factor authentication products, acting on advice from the company, are devising strategies to monitor for threats and take preventive steps in the aftermath of a hacker attack against the products.
The American National Standards Institute is teaming up with the Shared Assessments Program to create a report offering healthcare information breach prevention tips.
Chief information security officers must gain buy-in from every business unit for a risk management framework, says Jim Murphy of Caritas Christi Health Care System.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
