House Cybersecurity Caucus Co-Founder Jim Langevin, D-R.I., says President Obama's cybersecurity legislative package is a step in the right direction, but lacks the stricter regulation needed for businesses that run critical IT infrastructures.
Many organizations are unprepared to adequately respond to a breach, security expert Bob Chaput says. "Breach notification planning is just a fundamental, basic part of risk management in the new millennium," he adds.
Card-issuing banks struggle to find the balance between consumer satisfaction and protection. And in the wake of the Michaels breach, the financial industry knows it has to make a change. One industry expert says stronger card authentication is the answer, and he favors chip-based or EMV-like solutions.
The recent Sony and Epsilon breaches sent a strong reminder that companies lack transparency and aren't prepared to respond to a breach once it occurs, says Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies.
Federal authorities have issued a detailed notice of proposed rulemaking that sets out guidelines for how patients must be provided with an accounting of who has viewed their protected health information.
"Ethical hacking" - is the term an oxymoron, or is it one of today's necessities in the fight against cybercrime? Jay Bavisi, president and co-founder of the EC Council, feels strongly about why we need ethical hackers more today than ever before.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
In a continuing effort to build a Standards and Interoperability Framework to help ease health information exchange, the Office of the National Coordinator for Health IT has launched two projects involving authentication issues.