Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.
Dick Williams, CEO of digital security firm Webroot, says the cybersecurity profession needs more than just technical experts. Learn why he says firms will seek out those who can understand the behaviors of cyber-attackers.
Many covered entities aren't taking the steps needed to reduce the risks involved when business associates access protected health information, says attorney David Holtzman, who analyzes results of the Healthcare Information Security Today survey.
An amended version of the 21st Century Cure bill has passed its first Congressional hurdle without revisions to provisions that would significantly change the HIPAA Privacy Rule. The bill also would set penalties for blocking information sharing.
Some privacy experts are concerned that a proposed "21st Century Cures" bill would weaken HIPAA privacy protections for patient data. The measure is designed to help speed up the development of new drugs and treatments.
Trying to consume threat data remains a difficult and highly manual process, says Solutionary's Joseph Blankenship. But better machine learning and artificial intelligence could make the task easier for enterprises.
In today's cloud-based and mobile-security world, data and applications regularly operate both inside and outside any supposed "traditional" network perimeter, and that makes them tough to secure, say F5 Networks' Preston Hogue and Greg Maudsley.
Why not tap a community of bug hunters to find vulnerabilities in your products? That's the pitch behind Bugcrowd, which enables thousands of bug hunters to earn prestige - and cash - for finding and reporting new vulnerabilities.
How can businesses ensure that the content coming into an application is executed safely, and that the application itself isn't under attack? That's the problem being addressed by Prevoty, says CEO Julien Bellanger.
As organizations increasingly focus on securing critical data, they mustn't overlook one huge vulnerability: enterprise email. Steven Malone of Mimecast discusses the latest in unified email management.
To mitigate the threat posed by malicious insiders or attackers who compromise real users' credentials, businesses must create and monitor a baseline of legitimate user behavior and activities, says Idan Tendler, CEO of Fortscale.