Sometimes HIPAA training alone is just not enough to drill into peoples' heads why and how patient information needs to be protected. So, how are organizations getting medical staff to do the right thing?
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?
While some healthcare organizations are quickly rolling out privacy and security policies for employee-owned mobile devices, others are moving slowly. What BYOD tips do healthcare security leaders offer?
Eurograbber got banks' attention after compromising out-of-band authentication in Europe. But researchers say it's the knowledge of the hackers behind the attack, not the Trojan, that's most concerning.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
New malware attacks are targeting smart phones, and experts say banking institutions aren't doing enough to detect and prevent those attacks. So where should institutions focus their tech investments in 2013?
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.