The hacktivist group Anonymous allegedly threatened to "erase the New York Stock Exchange" from the Internet on Oct. 10. How credible is the threat, and how should security leaders respond?
All 4.9 million TRICARE military health plan beneficiaries that were affected by a recent data breach will be notified by mail, but they won't be offered free credit monitoring services.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
From the earthquake in Japan to Hurricane Irene in the U.S., organizations worldwide have found their business continuity and disaster plans tested. But what lessons must we draw from these incidents?
By December 6, 2011, all federal agencies must develop a compliance plan for how they will identify and protect Controlled Unclassified Information (CUI). Is your agency ready?
In this white paper, Patricia Hammar, executive secretary of the CUI Presidential Task Force, provides expert advice on developing a CUI...
Elayne Starkey recently gave up her BlackBerry for an iPhone, and uses the Apple mobile device for personal and work doings, securely connecting to the computer system of her employer, the state of Delaware.
About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records.
With the announcement of a breach affecting 4.9 million patients in the Defense Department's TRICARE healthcare program, there have now been five incidents that each affected at least 1 million individuals since the HIPAA breach notification rule took effect.
The certificate authority system is flawed. It's like the Wild West, disjointed and unregulated, where no enforcement exists for standardized accountability.
In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.
Hacks are unavoidable; they happen. The challenge is how to handle them once they occur. DigiNotar demonstrates what organizations should not do when a breach is discovered.
"Forensics in the cloud is not necessarily a new field, but requires a new skill set and being able to learn on the fly," says Rob Lee, curriculum lead for digital forensics at SANS Institute.
A look at the health information breach statistics and the lessons learned - including the value of encryption - two years after the HITECH Act breach notification rule took effect.
Disaster preparedness has come a long way since the 9/11 terrorist attacks, but most organizations are still missing the mark, says Kevin Sullivan, former investigator with the New York State Police.
Breach notification laws in most states would be preempted if a bill approved by the Senate Judiciary Committee becomes law. But that's a big if because of GOP objections, such as those voiced by the panel's ranking member, Charles Grassley.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
