Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach. Now that the insurer has agreed to a $16 million HIPAA settlement with federal regulators, who spelled out the company's security shortcomings, it's worth scrutinizing the value of adopting a framework.
The latest edition of the ISMG Security Report features an analysis of the results of over 1,000 cyberattack investigations in the U.K. Also: an update on the proposed NIST privacy framework and a report on voter registration information for sale on the dark web.
Building on the success of the NIST Cybersecurity Framework, the National Institute of Standards and Technology is in the early stages of developing a privacy framework. The effort will kick off with a workshop Tuesday in Austin, Texas, explains Naomi Lefkovitz, who is leading the project.
Unused or unmonitored SSH keys grant alarming levels of privileged access beyond users, proliferating into your machine-to-machine communications and services. Learn how securing your SSH inventory beyond your PAM solution helps compliance with NIST, FISMA, and CDM along with five steps you can take today to...
The cyberthreat landscape is rapidly changing. As attacks continue to increase in volume and sophistication, agency defenses also must evolve.
In order to do so, many agencies are moving toward a more holistic, analytics-driven approach to security. By gaining an end-to-end view of what's happening inside an agency...
A new council of healthcare CISOs hopes to work together toward improving uniformity and efficiency in the way organizations review the security controls and practices of third-party vendors that handle sensitive patient data.
Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.
The National Cybersecurity Center of Excellence (NCCoE) at NIST has created a series of free resources touting best industry practices that utilize the latest technology, automation and system controls to guide industry professionals through minimizing their cyber risks and identifying threats. These practices go a...
Since its inception the NIST Cybersecurity Framework has been embraced across geographies and sectors. Trend Micro's Ed Cabrera talks about how to maximize the framework as a baseline for improving cybersecurity posture.
"It's incredibly important today, in this dynamic threat environment, that organizations build...
Since its inception the NIST Cybersecurity Framework has been embraced across geographies and sectors. Trend Micro's Ed Cabrera talks about how to maximize the framework as a baseline for improving cybersecurity posture.
The latest iteration of the NIST Cybersecurity Framework is designed to help bring those who aren't experts into the cybersecurity conversation, says Matthew Barrett of the National Institute of Standards and Technology. He outlines the expanded scope in version 1.1
Organizations across regions and sectors are rapidly adopting the NIST cybersecurity framework, and Symantec has embraced it internally and for external clients. Symantec's Ken Durbin discusses the benefits.
What are the strengths and weaknesses of U.S. federal security strategy? Sean Frazier of Duo Security, provides an assessment and addresses why adaptation to the cloud is paramount.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.