The Trump administration has eliminated the top cybersecurity coordinator role in the White House. The decision has earned a sharp rebuke from lawmakers and former government officials, who say cybersecurity demands a greater - not lesser - prominence in the federal government.
Federal regulators plan to craft a new proposal for revamping a HIPAA Privacy Rule provision for "accounting of disclosures" of electronic patient records. Updating that rule was mandated under the HITECH Act, but the modification has been in limbo since 2011.
Researchers at the University of Cambridge, via a myPersonality test on Facebook, reportedly used data from 3 million users to power a spin-off company that delivered targeted advertising services. Facebook says the app is one of 200 that it's suspended for suspicious data handling practices.
Speech recognition software vendor Nuance Communications says an unauthorized third party accessed one of its medical transcription platforms, exposing records for 45,000 people. The company has blamed the breach on a former employee, who accessed personal data from several of Nuance's clients.
Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?
As recent breaches attest, today's approaches to cybersecurity are insufficient. Kim DeCarlis of Gigamon offers her views on what organizations must do differently to ensure stronger cybersecurity postures.
Eduard Goodman, global privacy officer of CyberScout, doesn't like the disorganized way most cyber incidents are handled now. Instead, he would like to see a more project management approach. Here are the benefits he foresees.
With the rise of P2P payment networks and the U.S. working toward a real-time national payments network, the push is on to battle fraudsters. Also, attackers are hacking legitimate websites to more stealthily distribute "Gandcrab" crypto-locking ransomware.
Although the National Institutes of Health is implementing strong privacy measures as it begins its effort to enroll 1 million volunteers to contribute data to its "All of Us" precision medicine research project, there are still risks involved, says privacy attorney Kirk Nahra.
The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.
Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.
Some military health facilities haven't consistently implemented security controls, putting patient data at risk, according to a new watchdog agency report. But security experts say the weaknesses are quite common at civilian health facilities as well.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Incident response plans must be carefully designed to meet the needs of a specific organization, says attorney Ron Raether, who outlines important legal considerations.
A coherent risk analysis program tailored to the organization is a vital component of any effort to improve cybersecurity and meet regulatory requirements, says attorney Shawn Tuma.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.