Panera Bread appears to have failed to fix a customer data leak for more than eight months after getting a heads-up from an independent security researcher. Here's what others should learn from the bakery café chain's mistakes.
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
As more data moves to the cloud, and cyberattacks multiply, organizations need to adopt an alternate paradigm of security, says Nikhil V. Bagalkotkar, a virtualization specialist at Citrix, who describes a new approach.
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.
When working with cloud service providers, healthcare organizations must take responsibility for security practices rather than relying on the vendor, says Sonia Arista, a security consultant who formerly was CISO at Tufts Medical Center. She's a featured speaker at the HIMSS18 conference.
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? Scott Whyte of ClearDATA discusses healthcare's complex convergence of innovation and compliance.
The struggle is real as DoD moves from DIACAP to RMF. System owners are challenged to adopt technology that can address the more dynamic controls required by RMF.
Learn how to get help from defense agencies to monitor and assess their systems for RMF compliance by automating the gathering, analysis and reporting of...
A class action lawsuit filed against Allscripts in the wake of a ransomware attack that recently disrupted patient care at hundreds of healthcare practices will spotlight a variety of critical security and legal issues, says Steven Teppler, the plaintiffs' attorney, in this in-depth interview.
In the wake of a ransomware attack that disrupted patient care services for hundreds of Allscripts' customers, a class action lawsuit has been filed against the cloud-based electronic health records vendor for allegedly "failing to secure its systems and data from cyberattacks."
A ransomware attack on electronic health records vendor Allscripts late last week is a reminder of the potential disruption to patient care delivery healthcare entities can face if a cloud-services provider suffers a cyberattack. It also points to the need for business continuity planning.
Following the alert over Meltdown and Spectre vulnerabilities, the U.K. Information Commissioner's Office is warning that failures to patch today could be punished with fines under GDPR once enforcement of the data protection law begins later this year.