It's clear that major data breaches have become not just a topic of mainstream news, but they're occurring with such frequency and potential devastation that they're almost deserving of a 24-hour news desk.
"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
A provision in the proposed Accounting of Disclosures Rule mandated under the HITECH Act that calls for providing patients with an "access report" listing everyone who's electronically accessed their records is stirring up debate.
The House Subcommittee on Commerce, Manufacturing and Trade heard from Sony and Epsilon about breaches that adversely affected consumer information. Both companies support a national data security and breach notification law.
As part of its ongoing effort to improve the interoperability of digital certificates for authentication, the Office of the National Coordinator for Health Information Technology is seeking comments by June 5 on the best approaches.
Quantifying the safety or danger of cyberspace is tough. But a highly respected IT security practitioner and an experienced risk management consultant have teamed to develop an index they contend reflects the relative security of cyberspace by aggregating the views of information security industry professionals.
Payment card fraud. ACH and wire transfers. ATM skimming. And especially insider crimes. These are among today's top information security threats to institutions, says banking regulator Gigi Hyland in an exclusive interview.
As emerging technologies such as cloud computing and mobile banking become the norm, the FDIC's Donald Saxinger says vendor management programs must specifically address the outside risks posed by working with non-traditional financial services providers.
The National Strategy for Trusted Identities in Cyberspace (NSTIC), a government-private sector initiative, could enhance efficiency, security and privacy in all the transactions done online every day, says NIST's Jeremy Grant.