In many states, the top information security officer champions IT security rather than dictates it, as the decisions of specific steps to take to safeguard digital assets are left to departments, agencies and commissions.
Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
Don't miss your opportunity to participate in the Healthcare Information Security Today survey. Preliminary results show that about 40 percent of healthcare organizations rate their ability to counter security threats as poor, failing or in need of improvement.
"We face a broad threat ... and each consumer has to understand that their part in protecting both their own finances and the financial infrastructure, together, is a very large part," says Ian Harper, Pentagon Federal Credit Union.
Small businesses have room to improve when it comes to fraud prevention. And according to a recent study commissioned by TD Bank, a lack of understanding and apathy are challenges that need to be overcome.
A federal proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records needs revamping, two regulatory experts agree.
A new, free guide on Facebook security, though geared for users, details the practices chief information security officers and other organizational security practitioners should share with their staffs to assure not only safe Internet hygiene when workers access Facebook from work, but for use with other social media...
Creating a culture of security within an organization may be on CISOs' wish lists, but it's often hard to educate and spread that message, says Justin Somaini, chief information security officer at Yahoo.
Ocean Bank failed to implement an effective BSA/AML Compliance Program, with internal controls "reasonably designed to detect and report money laundering and other suspicious activity in a timely manner," regulators say.
As social media continues to evolve and new threats continue to emerge, organizations must constantly re-evaluate their policies and conduct risk assessments, says Andrew Kennedy, who heads up social media policy for BITS.
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
Various committees in both houses claim jurisdiction over different aspects of IT security, and intra-house squabbling can cause a bill to get lost on its way to becoming law, says Purdue University's Eugene Spafford, who closely follows the progress of cybersecurity legislation.