Utah Gov. Gary Herbert has taken several steps in the wake of a hacker attack against an unencrypted server that exposed state health department information on 780,000 individuals. Experts assess whether the steps are the right moves.
A cybersecurity public service campaign would do more than just make individuals aware of their own online behavior, but raise awareness to the economic threat posed by IT vulnerabilities, an issue political candidates should address.
A new guide from federal regulators on key privacy and security issues to address when adopting electronic health records is valuable. But additional guidance on risk assessments and other issues is needed.
Even with security information and event management systems, organizations labor to separate normal log data from actionable events, according to the latest Log and Event Management Survey from the SANS Institute.
Weeks, months or even years often go by before organizations discover they've been hacked, not learning of the attack until law-enforcement authorities inform them, says recently retired FBI Executive Assistant Director Shawn Henry.