Welcome to HealthcareInfoSecurity's HIPAA Omnibus Resource Center!

The latest news, views and education on the HIPAA Omnibus Rule, including insights on complying with modifications to the HIPAA privacy, security and breach notifications rules.

View the Full Text of Final Rule

The Evolution of Online Fraud in 2023 and Best Practices to Plug the Gaps

Tony Morbin • September 20, 2023

Vice President at Appgate, Mike Lopez, offers his expert analysis on the survey findings and how this year's results were unique to the most current cyber threats.

Advanced SOC Operations / CSOC

On Demand | The time for automation is now: How your attackers are using automation and why you need to get on board

►

Black Hat

CNAPPs Emerge as a Game Changer in Cloud Security

Governance & Risk Management

Evolving Cybersecurity: Embrace an Infinite Defense Strategy

Endpoint Security

On Demand | The evolution of complex threats: Defining a modern and sophisticated threat and what that means for your SOC

Security Operations

On Demand | With more data, comes more responsibility: The open nature of XDR and cross-domain telemetry

Black Hat

Securing Applications, Accelerating DevOps With Clean Code

Artificial Intelligence & Machine Learning

Gen AI: Why Organizations Need to Weaponize the Weapon

Latest

Threat Activity Clusters: Defenders' Way to Fight Ransomware

Michael Novinson • August 18, 2023

Threat clusters can be used to identify patterns of malicious behavior that traditional attribution in cybersecurity strategies could miss. These patterns can be used to develop early warning systems and prioritize resources for investigation and response, said John Shier, field CTO at Sophos.

Black Hat

KillNet: The Next-Generation DDoS Group?

Tom Field • August 18, 2023

DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.

Artificial Intelligence & Machine Learning

Navigating the Security Landscape of Generative AI

Tom Field • August 18, 2023

The advent of generative AI has increased the importance of enterprise browsers as the interface through which users interact with this technology. Enterprise browsers have gained prominence with their role in organizational workflows, which had been somewhat overlooked in the past.

Artificial Intelligence & Machine Learning

Seamlessly Curate Software Packages Entering Your Organization

August 17, 2023

Artificial Intelligence & Machine Learning

Convergence of Cyber and Physical Security for a Safer World

Tom Field • August 17, 2023

Historically, IT and physical security teams have served in separate areas, but that is changing due to emerging threats such as a drone that landed on a firm's roof to steal data. Both teams need to be alerted to threats, said Kelly Rein, senior director of product at Claro Enterprise Solutions.

AI in XDR: When Does It Make Sense?

AJ Shipley, Vice President, Product - Threat Detection & Response • August 8, 2023

ChatGPT set the world on fire six months ago, and since then a slew of companies have released features or products built on or around generative AI - some of them completely legitimate and some of them little more than snake oil. Does AI makes sense everywhere for everything? Absolutely not.

Cisco Secure Access: SSE That Enables the Business

Jeff Scheaffer, Vice President of Product Management (SSE, SASE and Security Cloud) • August 8, 2023

Cisco Secure Access is a security service edge solution that delivers zero trust access to efficiently solve today's challenge of safely connecting anything to anywhere and reimagines the experience to make it better for users, easier for IT and safer for everyone.

Application Security & Online Fraud

What You Should Know About Open Source License Compliance for M&A Activity

Sam Quakenbush • August 1, 2023

Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use. Licenses...

Application Security & Online Fraud

Why Open Source License Management Matters

Adam Murray • August 1, 2023

The ongoing rise in open source vulnerabilities and software supply chain attacks poses a growing threat to businesses, which heavily rely on applications for success. Between 70 and 90 percent of organizations’ code base is open source, while vulnerabilities such as Log4j have significantly exposed organizations...

Fraud Management & Cybercrime

Faster Payments, Faster Fraud - and Emerging Solutions

Tom Field • July 27, 2023

It has become a cliche in payments circles: Faster payments equals faster fraud. But John Filby and Yogesh Patel of Outseer say behavioral biometrics and generative AI are among the emerging technologies fueling new ways to empower layered defenses.

Endpoint Security

Security Alert: Exploit Chain Actively Hits ColdFusion

Mathew J. Schwartz • July 18, 2023

Warning: Hackers are actively exploiting a flaw in Adobe's ColdFusion rapid web application development platform to execute malicious code. While Adobe attempted to patch the flaw, researchers say attackers appear to have found a way to bypass it by chaining together multiple flaws.

Cloud Security

Public Sector Cloud Security: Key Questions to Be Answered

Tom Field • July 14, 2023

As U.S. government agencies migrate operations and apps to multi-cloud environments, there are lessons learned to be gained from their private sector counterparts. John Sellers of Cisco shares some of these lessons, as well as questions government security leaders need to be asking about the cloud.