A federal appeals court has ruled in favor of victims of the 2007 Hannaford data breach. Attorney Ronald Raether explains the ruling and what it potentially means to future breached entities and their customers.
If management awareness of information security issues increases, will an organization's commitment to securing practices and policies also increase? This is the question answered by an eye-opening new study.
Every organization likes its business continuity/disaster recovery plan before a disaster, says Al Berman of DRI International. But in the aftermath? Different story - and one that must be addressed in 2012.
Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
The threat landscape has evolved, and India's banking institutions must grow their information security strategies, says Anand Naik of Symantec, which just released a report that offers a new security agenda to institutions.
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
Information security threats - especially to critical infrastructures and from nation-states - are evolving. But security education curricula are struggling to keep pace, according to Eugene Spafford, renowned information security professor at Purdue University....
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?