As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
Media reports indicate HHS Secretary Kathleen Sebelius is resigning from her post. The news follows months of scrutiny over the HealthCare.gov site launch, which experienced disruptions and gaps in security.
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
At a Senate hearing, GAO previewed a report that shows cyber-incident response shortcomings at federal agencies. And the FTC chair asked Congress for broad authority in enforcing a federal data breach notification law - if one is enacted.
A politically conservative watchdog group has filed a lawsuit in an attempt to get answers to its questions about the security of HealthCare.gov, the website for Obamacare. Meanwhile, HHS says the site has had no security incidents.