Federal CIO Steve VanRoekel says the freeze extension would "reinforce the importance of curtailing the proliferation of standalone .gov sites and infrastructure. Should agencies need to establish new web content during this timeframe, they should leverage existing .gov sites."
Healthcare organizations entering cloud computing contracts should carefully consider whether they need additional liability insurance coverage to address the risks involved, says IT consultant Gerard Nussbaum.
A federal proposal to require healthcare organizations to provide patients with access reports listing everyone who has electronically viewed their information is impractical, says Dan Rode of the American Health Information Management Association.
Debit fraud and skimming are growing problems, and they're why California-based Fremont Bank is switching from mag-stripe to chip-based debit cards, says Chris Olson, the bank's chief operating and enterprise risk officer.
A months-long investigation led Australian investigators to more than 50 stolen POS terminals, dozens of card skimmers and more than 18,000 blank and counterfeit cards. So far, 25 people have been arrested and charged for their parts in the alleged scheme.
Eduardo Perez says, simply, the "time was right" for Visa's introduction of chip-based payments incentives for U.S. merchants. Visa's new mobile-to-EMV program offers PCI-audit-compliance waivers to qualified merchants who implement dual-interface contact and contactless acceptance.
Adoption of chip technology will not only help the U.S. payments infrastructure prepare for expected acceleration in mobile-based payments, Visa says, but will improve transaction security by providing dynamic authentication.
With the extension of ENISA's mandate into 2013 by the European Parliament & Council, the agency can continue to educate and collaborate with other nations on cybersecurity issues, an area of constant importance.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.