Debate over cybersecurity bills last year coupled with recent, highly publicized attacks have raised the visibility of the threat, and that could push Congress to enact IT security legislation in 2013, White House Cybersecurity Coordinator Michael Daniel says.
The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Senate Majority Leader Harry Reid, in a letter, informed Minority Leader Mitch McConnell of his decision to bring cybersecurity legislation to the floor during the first work period of 2012 legislative session.
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.