Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.
The United States Naval Academy is revising its core curriculum and will require midshipmen, beginning with the incoming freshman class entering Annapolis this summer, to take at least two cybersecurity courses during their four years at the school.
"Today's risk management professionals really need to take a strategic view of managing risk to be relevant in achieving the organization's expected outcome," says Philip Alexander of Wells Fargo Bank.
Though the E-Government Act assigns primary responsibility for IT security to agency CIOs, the Cybersecurity and Internet Freedom Act, introduced last week in the Senate, delineates responsibilities for CISOs.
Once a CEO understands the value and risks catered through mobile functionality, it is easier to discuss mobile innovations, policy and how the company can then strike a balance to meet customer and employee requirements.
A preliminary draft of new online authentication guidance from the Federal Financial Institutions Examination Council puts greater responsibility on the shoulders of financial institutions to enhance security.