Welcome to HealthcareInfoSecurity's HIPAA Omnibus Resource Center!

The latest news, views and education on the HIPAA Omnibus Rule, including insights on complying with modifications to the HIPAA privacy, security and breach notifications rules.

View the Full Text of Final Rule

Source: Tenda Technology Co. Ltd.

Yet Again, Vulnerabilities Found in a Router

Jeremy Kirk • July 14, 2020

It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.

CISO Trainings

Fraud Thrives in a Crisis - Why The Insurance Community Needs to Stay Vigilant

Latest

3rd Party Risk Management

Third-Party Risk Management: How to Grow a Mature Program

Information Security Media Group • April 7, 2020

Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.

Fraud Management & Cybercrime

Social Engineering's Role in Cyber Fraud - And What We Are Doing About It

James Hatch, BAE Systems Applied Intelligence • March 26, 2020

As outlined in our Vision for Tackling Cyber Fraud last year, social engineering - a prime example of industrialized criminal deception - is leaving modern society vulnerable in two separate ways.

COVID-19

Mobility and the Government Challenge

Information Security Media Group • March 10, 2020

Federal government agencies face unique cybersecurity risks, and as a result they often place tight restrictions on mobile devices in the workplace. Michael Campbell of Privoro says it's time to loosen these restrictions because they are negatively impacting missions, recruitment and retention.

Account Takeover

The Financial Services Security Disconnect

Nick Holland • March 5, 2020

A key disconnect exists between awareness of financial services fraud schemes and mitigation, according to the latest "Faces of Fraud" survey sponsored by Appgate. Mike Lopez, vice president at the firm, describes some key findings.

Finance & Banking

Is AI The Ultimate Weapon in The Fight Against Financial Crime?

Gareth Evans • December 20, 2019

No matter how good the lock on your door, sooner or later someone can break in. When they do, how do you monitor them?

Cybercrime

NCSC Investigated 658 Serious Cybersecurity Incidents

Mathew J. Schwartz • October 23, 2019

The National Cyber Security Center, the U.K.'s national computer emergency response team, investigated 658 serious cybersecurity incidents in a 12-month period and supported nearly 900 victim organizations - most of whom learned they had fallen victim after being alerted by the center.

CISO Trainings

The Ultimate Missing Link in Cyber: Continuous Compromise Assessment

Information Security Media Group • October 16, 2019

According to Ricardo Villadiego, Lumu Technologies' Founder and CEO, organizations are "sitting on a gold mine: their own data". Under the single premise that organizations should assume they are compromised and prove otherwise, Lumu seeks to empower enterprises to answer the most basic question: Is your organization...

3rd Party Risk Management

Security Leaders Share Secret Sauce for Success with Digital Transformation

CyberArk • October 8, 2019

Join three industry practitioners to learn about the most pressing challenges of today.

Active Defense & Deception

Deception Technology: Making the Case

Information Security Media Group • September 19, 2019

Deception technology has emerged as a hot practice - but not one that is necessarily on every enterprise's budgeting radar. Don Gray, CTO of PacketViper, talks about the emergence of deception technology and how security leaders can make the case - and find the budget - for its usage.

Security Operations

SecOps Is Broken. What Can We Do About It?

Information Security Media Group • September 6, 2019

Learn how your enterprise security team can step up to the challenge of increasing daily attacks.

Security Operations

Sorting Through 'Zero Trust' Misconceptions

Tom Field • August 27, 2019

F. Ward Holloway of Forescout Technologies sorts through what he sees as common misconceptions about the "zero trust" approach to security, including the assumption that it can prove to be too costly and complex to implement.

Active Defense & Deception

Operation Soft Cell

Cybereason • August 23, 2019

In 2018, the Cybereason Research team identified a series of attacks targeting telecommunications companies. These attacks shared the same TTPs and consisted of a webshell execution followed by the deployment of Poison Ivy, a well-known RAT attributed to Chinese APT groups.