A breach is a disaster, says business continuity specialist Ken Schroeder. So organizing an effective breach-response team does not require a reinvention of the wheel. What it does require is a holistic approach.
Don't be too fast to blame Research In Motion for the disruption in BlackBerry service if your organization suffered from the lack of e-mail exchanges. It could be partly your fault, too, says noted infosec lawyer Francoise Gilbert.
News about recent healthcare information breaches offers an important reminder: Monitoring the privacy and security procedures of your business associates should be a vital component of any breach prevention strategy.
The breach earlier this month of certificate authority DigiNotar could prove to be the worst security event ever to happen on the Internet because it threatens, at its core, a fundamental principle of Internet transactions - economic and social - trust.
A new report to Congress about major healthcare information breaches shows that federal officials have yet to complete their investigations of corrective actions taken in the wake of 70 percent of incidents.
Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.