In the wake of a data breach that followed a routine regulatory, a former regulator is asking why the agency failed to disclose the breach sooner, and why it has not accepted more responsibility for its error.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
A congressional committee grilled representatives from four technology vendors providing services for the Obamacare website, questioning, for example, whether the site is putting consumer privacy at risk.