One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
When it comes to responding to today's high-profile information security incidents, technical abilities simply aren't enough, says Gavin Reid of Cisco's Computer Security Incident Response Team. Here are the five must-have skills for today's incident response professionals.
While the debate over privacy swirls, the actual voice of the consumer is rarely heard. Until now. And what the consumers have to say in new research about privacy notices and data usage may surprise you.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
In the areas of risk management and business continuity, security professionals have advanced significantly since Sept. 11, 2001. But there's still an issue of complacency that needs to be addressed, says Rolf von Roessing, past international vice president of ISACA.
The Sept. 11 terrorist attacks struck the U.S., but the impact and lessons affected the world and the entire information security profession, says Rolf von Roessing, past international vice president of ISACA.
A new California law requires that organizations experiencing a data breach provide more detailed information to the individuals affected. The law, which covers breaches involving financial, healthcare and other personal information, goes into effect Jan. 1.