Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
Same-day Automated Clearing House (ACH) payment processing became a reality. While this represents a terrific opportunity for banks to be responsive to their customer's requirements for faster ACH payments, plus the ability to attract new customers from banks who choose not to offer the same level of responsiveness,...
The need for PCI-DSS compliance is being embraced in Southeast Asia and the Middle East, with adoption of PCI standards increasing dramatically over the last five years, says Dharshan Shanthamurthy, CEO of SISA Information Security, who shares insights about why PCI adoption is likely to continue to grow.
After years of debate, the EU's General Data Protection Regulation has finally passed. What impact - if any - will the GDPR have on business and future legislation in India? Security experts weigh in on this debate.
The $940 billion compensation awarded to Epic Systems in its case against Indian IT major TCS is unprecedented - shaking the industry out of its complacency to information security. Cyber law expert "Naavi" takes a close look at the implications for India.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?
Security experts say the conclusions of an inspector general's report on how the Nuclear Regulatory Commission contracts the administration of security operation centers also applies to other government agencies and private businesses.
Wipro has developed a fraud detection model for improved risk management using big data analytics. Can CISOs leverage it to reduce risk, enhance process efficiency and refine fraud detection algorithms?
Bankers are criticizing one federal regulatory agency for how it has responded to a breach of unencrypted consumer data that occurred during a routine banking exam. They're saying regulators should focus more on their internal security practices.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.