The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.
In the wake of recent alerts about infusion pump security vulnerabilities, now's a good time for all healthcare organizations to reassess their basic practices for keeping medical devices secure and safe. Check out what the VA is doing.
Some federal lawmakers are concerned that passing a national data breach notification law would weaken security protections found in certain states' statutes. That's a major reason getting a national law enacted will prove difficult.
After a three-year delay, federal regulators remain tight-lipped about when the next round of HIPAA compliance audits will begin. But a variety of HIPAA-related guidance is in the works, a government official reveals at the HIMSS15 conference.
A Government Accountability Office audit shows that Internal Revenue Service financial and taxpayer data remain unnecessarily vulnerable to inappropriate and undetected use, modification and disclosure.
Federal regulators issued a report about weaknesses found in an audit of Premera Blue Cross' systems about a month before an attack by hackers against the health insurer apparently started. Could those weaknesses have opened the door to an attack?
Mattel will sell a cloud-connected $75 "Hello Barbie" doll that can "listen" to what kids are saying and talk back. But security experts warn that anything that connects to the Internet can - and will - be hacked.
Privacy and security experts are offering mixed reviews of Anthem Inc.'s denial of a government auditor's request to perform vulnerability scans of the health insurer's IT systems in the wake of a hacker attack that affected 78.8 million individuals.
Anthem Inc. has refused to allow a federal watchdog agency to conduct vulnerability scans of its systems in the wake of its recent massive data breach. The health insurer also refused to allow scans by the same agency in 2013.
Because of lax information security controls, the systems that control air traffic in the United States are at "increased and unnecessary risk," GAO says. Leaders of the congressional panels with FAA oversight want to know why.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.