Healthcare entities need to think more strategically about managing risk by implementing a robust cybersecurity framework such as the National Institute of Standards and Technology's CSF, said Bob Bastani, cybersecurity adviser at the Department of Health and Human Services.
The Department of Health and Human Services and the Health Sector Coordinating Council on Wednesday published an updated toolkit that aims to help healthcare entities align security programs with the National Institute of Standards and Technology's Cybersecurity Framework.
As data extends well beyond on-premises infrastructure into multi-cloud and hybrid cloud environments, IT and security teams are looking for ways to better manage the entire data lifecycle. A key piece of these efforts is to reduce risk without compromising user productivity.
A variety of technology and tools exists...
U.S. President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act, designed "to encourage the migration of federal government IT systems to quantum-resistant cryptography" by ensuring they prepare strategies now for implementing forthcoming cryptography standards.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action make any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Achieving Zero Trust compliance can feel like an ever-growing to-do list as regulatory requirements are continuously updated, often difficult to understand, and even harder to implement. If you don’t know where to start, some of the most basic yet difficult challenges can include trying to monitor and measure the...
A White House agency today told U.S. federal government IT vendors they must attest to using secure software development techniques. Self-attestation "is a bit of a compliance activity, but it's a pretty light compliance activity," says former federal CISO Grant Schneider.
For Cloud Service Providers (CSPs), FedRAMP authorization is the key to accessing the enormous Federal market, tapping into new revenue streams, and making cloud service offerings available for agency adoption and expansion. However, the associated high costs, extensive timelines, and operational burdens can often be...
New draft guidance from the National Institute of Standards and Technology - if properly applied by HIPAA regulated entities - could help organizations avoid fines and similar enforcement actions by regulators in the wake of breaches, some experts say.
Determine how the NIST Framework can fit into your security structure and start taking proactive steps to protect critical assets from rising and evolving threats.
While the past two years have proved to be a watershed moment for cloud adoption, the fear of 'unknown unknowns,' to some extent, hampered its growth. Security practitioners are concerned whether investments in infrastructure-as-a-service (IaaS) or platform-as-a-service (PaaS) are endangering their security or...
The U.S. National Institute of Standards and Technology has revised its guidance for organizations to counter supply chain risks. The new document addresses how to identify, assess and respond to cybersecurity risks throughout the supply chain at all levels of an organization.
Identity experts urge the Biden administration to accelerate the deployment of mobile driver's licenses and ensure identity theft victims get direct assistance. These are among the four items experts say must be added to an upcoming executive order focused on preventing and detecting identity theft.
While approximately ⅔ of infosec professionals believe that staffing shortages are putting their organizations at risk, the depth of the cybersecurity skills gap is both wider and deeper than is often fully appreciated. From the myriad of complicated technologies we expect our security experts to implement and...