As part of their latest COVID-19 economic relief legislation unveiled this week, Senate Republicans are proposing to allocate about $53 million to the U.S. Cybersecurity and Infrastructure Security Agency to help combat hackers targeting virus vaccine research.
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
Organizations are finding it hard to achieve their security goals with the supply of highly qualified security experts being low and the demand astronomically high.
The Information Security Officer (ISO) at a large bank, serving a variety of commercial businesses, construction companies and the farming community,...
Federal regulators have slapped the Rhode Island-based health system Lifespan with a $1 million HIPAA settlement tied to a 2017 data breach involving the theft of an unencrypted laptop that potentially exposed the data of 20,000 individuals. It's the largest HIPAA enforcement action so far this year.
Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.
The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co., which has been accused of exposing hundreds of millions of documents that contained customers' mortgage and personal data.
Federal regulators have slapped a small provider of discounted medical and dental services to underserved patients in rural North Carolina with a $25,000 HIPAA settlement in a case involving an email breach that occurred nearly a decade ago. It's only the second HIPAA settlement announced this year.
The U.S. Department of Justice has charged two Chinese nationals with hacking into the systems of hundreds of organizations in the U.S. and abroad. The suspects' activities allegedly included probing for vulnerabilities in systems at companies developing COVID-19 vaccines, treatments and testing tech.
Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.
A federal judge has dismissed a lawsuit filed against Sarrell Regional Dental Center for Public Health in the wake of a January 2019 ransomware attack that affected more than 391,000 individuals. The judge cited a lack of evidence that any data had been misused.
The U.S. should restore the position of cybersecurity coordinator at the White House because the number of threats against the nation is increasing, several security experts testified this week at a House hearing. But some Republicans question whether the move would create unnecessary bureaucracy.
Europe's highest court has invalidated the Privacy Shield, a data-sharing agreement between the EU and U.S., on the grounds that the U.S. offers insufficient protection for Europeans' privacy rights. Privacy advocates say the ruling should drive the U.S. to rethink its policies.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.