In the age of payment card breaches, PCI compliance is a top priority for merchants and organizations that process electronic payments. But what difference does it make when its PCI compliance in the cloud? Steve Neville of Trend Micro shares insight.
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Several recent data breaches involving email mishaps serve as a reminder of precautions that healthcare entities must take with protected health information contained in digital communications that are sent or received by their organizations.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
As the Department of Health and Human Services gears up for its second round of HIPAA compliance audits, the focus will shift to using these audits for potential enforcement actions, including financial settlements, predicts attorney Anna Spencer.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
The FFIEC's updated guidance for bank examiners, released this week, stresses that executives and boards of directors must approve IT plans that contain strategies for addressing emerging and ongoing cyber threats.
Hartford Hospital and its business associate, EMC Corp., have agreed to pay a fine as part of a health data breach settlement with Connecticut's attorney general. Learn about the size of the financial penalty and other settlement details.
The U.K. government's response to whistleblower Edward Snowden's warnings that the U.S. and Britain had created a massive surveillance state has been to attempt to codify and expand those surveillance powers while also debating oversight and related matters in public for the first time.
The Cybersecurity Information Sharing Act of 2015, which the Senate recently passed, contains detailed provisions designed to help the healthcare sector fight cyberattacks, explains Samantha Burch of HIMSS, who offers an analysis.