The letter - written by Reps. Marsha Blackburn, R-Tenn., and Steve Scalise, R-La., sees the executive order as imposing a backdoor regulatory framework in such a non-transparent fashion that it would create a dangerous precedent.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
As the recent PATCO case shows, fraud litigation is moving away from just establishing damages. The key legal question now is: What is reasonable security? Attorneys discuss the 2013 fraud legal landscape.
Most U.S. Defense Department contractors would be required to report a data breach to the Pentagon under provisions of the National Defense Authorization Act agreed to by a House-Senate conference committee.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
A presidential executive order on cybersecurity under White House review, if issued, might help ease passage of cybersecurity legislation in the 113th Congress, which convenes in January, despite Republican objection to such a decree.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
President Obama has proclaimed December as Critical Infrastructure Protection and Resilience Month, and is using that declaration to continue his campaign to get Congress to enact comprehensive cybersecurity legislation.