Welcome to HealthcareInfoSecurity's HIPAA Omnibus Resource Center!

The latest news, views and education on the HIPAA Omnibus Rule, including insights on complying with modifications to the HIPAA privacy, security and breach notifications rules.

View the Full Text of Final Rule

Kevin Stewart, F5 Networks

Orchestrating SSL Visibility

Information Security Media Group • February 13, 2019

The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic. Kevin Stewart of F5 Networks explains why network visibility is not enough to detect these attacks.

Anti-Fraud

New Faces of Fraud: Survey Analysis

Application Security

Embracing Digital Risk Protection: Take Your Threat Intelligence to the Next Level

Advanced SOC Operations / CSOC

Malware Analysis for Blue Teams

Latest

Cybercrime

Cybercrime Conference Returns to Dublin

Mathew J. Schwartz • November 20, 2018

The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.

Cloud Security

Digital Transformation Puts Tremendous Pressure on IT Security; A CISO Perspective

Information Security Media Group • October 25, 2018

Digital transformation is putting tremendous pressure on IT security. Whether it's discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web application security, IT security priorities do not have to be at the mercy of digital business initiatives.

Bring Your Own Device (BYOD)

Mobile Threats: Myths and Realities

Information Security Media Group • October 1, 2018

There is greater awareness to the proliferation of mobile threats, and yet many organizations still underestimate their own vulnerabilities. Brian Duckering of Symantec discusses the rise and maturity of mobile threat defense.

Cloud Access Security Brokers (CASB)

It's Time to Move Endpoint Security to the Cloud

Carbon Black • September 5, 2018

Traditional endpoint products are holding organizations back. 's time to move your antivirus to the cloud.

Anti-Fraud

Sophisticated Online Attacks: An In-Depth Analysis

M.K. Palmore , Dan Woods • August 31, 2018

Hear from the FBI on the tenets of cyber defense and current trends in cybercrime. Then, learn from Shape Security about a specific type of cybercrime: imitation attacks.

Containerization & Sandboxing

CISO Panel Webinar: Reducing the Cyber Exposure Gap from Cloud to Containers

Information Security Media Group • August 24, 2018

Anti-Fraud

Disrupting the Economics of Cybercrime

Nick Flont • August 21, 2018

Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?

Data Breach

Ransomware Attack Leads to Discovery of Lots More Malware

Marianne Kolbasuk McGee • July 27, 2018

A family care clinic in Missouri says those investigating and mitigating a recent ransomware attack discovered that its systems were "loaded with a variety of malware programs." Experts say such post-breach discoveries are common.

Cybersecurity

How to Use the NIST Cybersecurity Framework

Josh Mayfield • June 8, 2018

By focusing on the cybersecurity actions, NIST CSF can be flexibly deployed regardless of the setting or industry.

Compliance

Procrastinators' Guide to GDPR Compliance

Mark McGlenn • May 21, 2018

If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.

Cybersecurity

A New Way to Handle Cyber Claims

Information Security Media Group • May 11, 2018

Eduard Goodman, global privacy officer of CyberScout, doesn't like the disorganized way most cyber incidents are handled now. Instead, he would like to see a more project management approach. Here are the benefits he foresees.