After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
Enterprises need to think beyond malware, breaches and insider threats when assessing information security. Keeping hardware up and running - available - is a crucial aspect of securing essential data.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
Now that he's taken on the job of CISO of a software vendor, Jennings Aske, the former info security and privacy officer at Partners HealthCare, talks about dealing with compliance issues from the new vantage point of a business associate.
Leon Rodriguez, director of the HHS Office for Civil Rights, could leave the HIPAA enforcement agency to become the director of U.S. Citizenship and Immigration Services if his presidential nomination is formalized and he wins Senate approval.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
When it comes to finding CISOs and other security experts for healthcare organizations, recruiters frequently are looking to those working in other sectors. Find out why - and what skills are in demand.
Top executives at healthcare organizations must take the lead in overcoming a culture that portrays privacy and security as barriers, says Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT.
Our analysis of U.S. government labor statistics shows a sizable increase in the IT security workforce. But the way the occupation is defined may have as much to do with the increase as the number of jobs themselves.