Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
As federal lawmakers return this week from their Independence Day recess, Congress picks up where it left off before the break: holding hearings on the Office of Personnel Management breach that exposed the personal records of millions of government workers.
The FFIEC has released its much-anticipated Cybersecurity Assessment Tool. Hear why banking regulator Tim Segerson believes the tool is expected to be rolled into regulatory examinations by summer of 2016.
President Obama proposes spending more money on cybersecurity, replacing government agencies' antiquated, unsecured systems. But what really needs to be done to thwart breaches, like the hack attack against the Office of Personnel Management?
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
A new breach reported by Heartland Payment Systems won't get much attention. But this incident could be more damaging to the undisclosed number of consumers affected than was Heartland's 2008 payment card breach.
The United States Coast Guard faces challenges in protecting the private information found in medical records of its personnel and their families, a Department of Homeland Security inspector general report says.
While companies know that attackers use deception with email-based attacks, how do they uncover an email's actual purpose or intent? Why do companies struggle in seeing beyond an attacker's deception?
Are you heading to RSA Conference 2015 in San Francisco? If so, be sure to connect with Information Security Media Group. We'll be out in full force on the Expo floor, as well as running a number of must-attend sessions and events.
White House Cybersecurity Coordinator Michael Daniel says the toughest international cybersecurity challenge facing the Obama administration is getting cooperation in coordinating responses to online crime.
Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
The proposed rules for Stage 3 of the HITECH Act "meaningful use" electronic health record incentive program come up short on privacy and security. But regulators have time to fix that.
Some security experts are concerned that narrower risk assessment requirements in a proposed Stage 3 rule for the HITECH Act EHR incentive program could confuse healthcare entities about the importance of conducting a broad HIPAA risk assessment.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.