Some security experts are concerned that narrower risk assessment requirements in a proposed Stage 3 rule for the HITECH Act EHR incentive program could confuse healthcare entities about the importance of conducting a broad HIPAA risk assessment.
Despite high-profile attacks and publicity, advanced persistent threats continue to strike organizations in all sectors. How can security leaders improve defenses? ThreatTrack's Usman Choudhary offers advice.
The Department of Health and Human Services still hasn't implemented recommendations that could help reduce billing fraud related to electronic health records, according to a watchdog agency.
David Recordon, a founding member of the OpenID Foundation, had been Facebook's engineering director for nearly six years before accepting the position of director of White House information technology.
The way enterprises address information security will play an increasingly critical role in how cyber-insurance providers determine coverage and pricing, insurance experts told members of Congress at a recent hearing.
Despite high-profile attacks and publicity, advanced persistent threats continue to strike organizations in all sectors. How can security leaders improve defenses? ThreatTrack's Usman Choudhary offers advice.
Federal regulators issued a report about weaknesses found in an audit of Premera Blue Cross' systems about a month before an attack by hackers against the health insurer apparently started. Could those weaknesses have opened the door to an attack?
The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details.
Witnesses testifying at a House hearing offered divergent views on the language of legislation to nationalize data breach notification, showing the challenges lawmakers face in crafting a bill that can pass Congress and be signed by the president.
Web.com won't confirm or deny that its Register.com subsidiary, which manages more than 2 million domain names, has been breached. But a news report claims the FBI is investigating a year-old intrusion.
The massive cyber-attacks targeting health insurers Premera Blue Cross and Anthem Inc. make it clear that hackers increasingly view large healthcare organizations, especially payers, as attractive targets.
When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?
A bill to be introduced by Rep. Mike McCaul would designate DHS's National Cybersecurity and Communications Integration Center as the portal for sharing cyberthreat information. The measure will spell out liability safeguards for those sharing data.
Microsoft has revoked a fraudulent SSL digital certificate issued in the name of its Finnish Windows Live service. But security experts warn that some software may "trust" the certificate for years, so it could be exploited in phishing campaigns.
Experts analyze a news report that the investigation into the hack attack against JPMorgan Chase could result in criminal charges being filed in the "coming months" because investigators believe at least some suspects can be extradited.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.