Healthcare security professionals often fail to conduct comprehensive, timely risk assessments, as required by regulators. But security expert Kate Borten says they can leverage new guidance to help get the job done.
"A cyberattack perpetrated by nation states or violent extremists' groups could be as destructive as the terrorist attack on 9/11," U.S. Defense Secretary Leon Panetta says. "Such a destructive cyber-terrorist attack could virtually paralyze the nation."
Infosec pros take note: As the overall number of "true exploits" have decreased, targeted ones - especially those initiated by criminals or nation states - are becoming harder to detect, say IBM's Rick Miller.
The gut feeling many people have about their physical security hasn't quite developed in the digital world, presenting a challenge for homeland security officials, says State of Delaware Homeland Security Adviser Kurt Reuther.
NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.
The guidance discusses methods, techniques and best practices for the sanitization of target data on different media types and risk-based approaches organizations can apply to establish and maintain a media sanitization program.
The new report aims to help access-control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each system.
In the past, just writing "privacy pro" on a business card could get you into the field. "That's not the case today," says the IAPP's Trevor Hughes, who details today's challenges for privacy professionals.
"With the increasing breadth and depth of cyberattacks ... risk assessments provide important information to guide and inform the selection of appropriate defensive measures so organizations can respond effectively," guidance coauthor Ron Ross says.