Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.
President Obama devoted 26 words to cybersecurity in his 2012 State of the Union address. What will he say this year? We asked IT security experts to play speechwriter, and here's what they would have the president say to Congress on cybersecurity.
Security leaders have a firm grasp on their technology controls and processes as they continue into 2013. It's addressing the vulnerabilities in people that remains the outstanding challenge of the year.
The new measure would require banks, healthcare providers, social media companies, search engines and other e-commerce entities operating in Europe - even those based elsewhere - to report breaches to national authorities.
It isn't just a staffing shortage that stops organizations from building cyberteams. It's a skills crisis, says SANS Institute founder Alan Paller, who tells why now is the ideal time to fill top roles with qualified professionals.
Ron Ross, the NIST computer scientist who heads the initiative that is revising the guidance, characterizes the updated publication as the most comprehensive one since the initial catalogue of controls was issued in 2005.
How can security pros help organizations prevent breaches and data loss? The Online Trust Alliance has released its latest guide to data protection and breach readiness, and OTA founder Craig Spiezle offers tips.
Although suggestions in a new Federal Trade Commission staff report do not have the force of law, they do provide guidance on how the agency could enforce American federal laws and regulations to protect the privacy of users of smart phones and tablets.
"This is our life for the future," DHS's Mark Weatherford says. "Bad guys are figuring out that they can create this kind of havoc at almost [no] cost for themselves. It is more than just a distraction; it is now the way we operate."
A quick glance at a new survey suggests that businesses care more about protecting the privacy of their customers than governments do about their citizens. That's what the numbers say. But the numbers don't necessarily tell the whole story.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?