Federal regulators issued a report about weaknesses found in an audit of Premera Blue Cross' systems about a month before an attack by hackers against the health insurer apparently started. Could those weaknesses have opened the door to an attack?
Mattel will sell a cloud-connected $75 "Hello Barbie" doll that can "listen" to what kids are saying and talk back. But security experts warn that anything that connects to the Internet can - and will - be hacked.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.
The Department of Homeland Security's inspector general is protesting redactions made by the Transportation Security Administration to a security audit of DHS information systems at New York's JFK airport.
North Korean leader Kim Jong-un was set to star in a satirical video game, in which he battled the forces of imperialist oppression with the help of unicorns and narwals - until hackers apparently disrupted game development.
The HHS Office for Civil Rights still has plenty of work to do before it can launch its long-promised next round of HIPAA compliance audits, says Director Jocelyn Samuels.
Healthcare organizations and their business associates need to make three important resolutions in 2015 to better safeguard patient data and avoid the enforcement wrath of regulators.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Federal government auditors have identified weaknesses in the technical controls protecting the security of the federally run Obamacare HealthCare.gov website and systems, which they say create increased and unnecessary risks.
The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.
Securities and Exchange Commission CIO Thomas Bayer fesses up, in response to a GAO audit, that the SEC could have done a better job keeping track of IT security work performed by contractors.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.