A lot of the risk to an organization's reputation is caught up in how an organization is able to respond to a cyber attack. Over the years, organizations have suffered serious consequences from a cyber attack. They've lost a lot of data, and the public response to those incidents has really further damaged the...
In its second HIPAA enforcement action for 2017, HHS has slapped an insurer with a $2.2 million settlement in the wake of a relatively small breach, citing the company's lack of timely corrective action.
Although HIPAA requires healthcare organizations to conduct a periodic security risk analysis focused on systems containing PHI, larger entities should also perform more comprehensive security self-assessments, advises CISO David Loewy of SUNY Downstate Medical Center, who explains his approach.
Do your competitors and peers have a better cybersecurity game plan than you? If simply answering that question seems exhausting, this eBook is here to help.
Today's chief information officer knows they can't outsource risk. Yet every year, cyber risk demands more and more time from the already-busy CIO.
This...
Do your competitors and peers have a better cybersecurity game plan than you? If simply answering that question seems exhausting, this eBook is here to help.
Today's chief information officer knows they can't outsource risk. Yet every year, cyber risk demands more and more time from the already-busy CIO.
This...
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
In an interview about cybersecurity metrics, Olcott...
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
Without the ability to benchmark security performance against peers and industry averages, businesses can suffer from optimism bias.
To understand optimism bias of cybersecurity performance, we asked IT professionals about their organization's performance
relative to industry peers. Survey respondents included IT...
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
After helping a hospital to pass an audit that assessed compliance with requirements of the HITECH Act "meaningful use" electronic health record incentive program, CISO Mitch Stewart offers this audit prep advice: Beef up your risk assessment.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
With federal regulators moving closer to restarting the delayed HIPAA compliance audit program, now is the time for covered entities and business associates to prepare for potential scrutiny, says healthcare attorney Brad Rostolsky.
White House Cybersecurity Coordinator Michael Daniel says the toughest international cybersecurity challenge facing the Obama administration is getting cooperation in coordinating responses to online crime.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.
