CEO Jack Tretton didn't minimize the breach, grouping Sony with others that have been hacked in recent weeks. "If you read the newspapers, you realize that there are companies being bombarded with people trying to hack them all the time."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
Details surrounding the reported breach of the International Monetary Fund remain sketchy, but alarming. And Gartner analyst Avivah Litan believes there may be "dozens" of similar incidents that have not been disclosed.
Danish pharmaceutical company Novo Nordisk Inc. has agreed to a $1.725 million civil settlement agreement to resolve allegations that the company accessed and misused private patient information and filed false or fraudulent Medicaid claims.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
"This is yet another [incident] in what is turning into a major 'breach streak,' which will make all of us rethink what information security really means," says Mike Urban, senior director of fraud solutions for FICO.
"Durbin, as it stands today, is very poor for the payments industry and the consumer, because it would lend itself to reducing fraud prevention and detection," says one banking/security leader about the controversial Durbin Amendment to Dodd-Frank banking reform.
After hearing objections from hospitals and physicians about a proposed "opt-in" approach to obtaining patient consent for health information exchange, the Maine legislature has passed a rewritten measure that spells out rules for an "opt-out" approach.
The Office of the National Coordinator for Health IT has selected the American National Standards Institute to accredit organizations that will certify electronic health records software for the HITECH Act EHR incentive program.
The executive director of a Southern California health information exchange describes a pilot project that's testing whether patient identifiers make it easier to match patients to their records from multiple organizations.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.