Online and mobile banking are taking the world by storm - especially in the Asia-Pacific region. But many institutions are simply not prepared to manage security and privacy appropriately in these venues, says Gartner's Matthew Cheung.
The latest component of the U.S. Department of Veterans Affairs' ongoing effort to protect medical devices from malware is the creation of a centralized patch management system, says Randy Ledsome, the VA's acting director of field security operations.
As the Sony and Epsilon breaches show, privacy is now in the news media every day. And organizations need to be prepared to address the issue, says Trevor Hughes, executive director of the International Association of Privacy Professionals.
The video gaming company Sega says it brought down its online Sega Pass gaming because of unauthorized entry of its database, in which hackers obtained some members' e-mail addresses and encrypted passwords.
Greg Rattray, VP of Security at BITS, says we can't necessarily stop the spread of dangerous malware like Zeus, but banking institutions can do a better job of mitigating the risk and damage that follow such an attack.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
State and federal banking regulators closed two banks on Friday, June 17. These actions raise the year's total number of failed institutions to 61 banks and credit unions that have closed, been acquired or placed into conservatorship.
Hitch encouraged agencies to be proactive in combating virtual threats, and created an IT security operations center that brought together IT assurance and operations experts . "It makes assurance operational," he says.
The Privacy and Security Tiger Team is recommending that electronic health records software certified for the HITECH Act's EHR incentive program should be able to record corrections from patients or providers as well as transmit those corrections to others.