In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
African nations have long sought common cybersecurity and privacy laws to facilitate e-commerce across the continent, but of the 55 countries that signed the convention in 2014, so far only 13 have enacted laws. Lucien Pierce of PPM Attorneys explains why it's a complex, time-consuming process.
"It's stupid and adds zero value," writes Ian Keller, director of security at a telecom company, about connecting hospital networks - and especially life-sustaining information - to the internet. He encourages CISOs to be socially responsible about their moral obligation to patients.
Healthcare providers and their health IT vendors need more time to meet a pending federal deadline to comply with information-sharing regulations that pertain to an expanding set of electronic health information, say a slew of heavyweight lobbying groups in a letter to federal regulators.
California Gov. Gavin Newsom on Tuesday signed into law two bills containing privacy protections for information related to reproductive health and abortion, in the wake of the Supreme Court's ruling overturning Roe v. Wade. Other states may follow suit.
A congressional deal will ensure the U.S. Food and Drug Administration can continue collecting fees from medical device manufacturers but at the price of dropping increased cybersecurity mandates for the industry. Requiring manufacturers to patch devices had bipartisan support.
Earlier this year, the PCI Security Standards Council issued version 4.0 of PCI DSS. Two experts from Verizon, Ferdinand Delos Santos and Rokon Zaman, discuss the new requirements of the regulations and strategies for implementing them to reduce risk and improve an organization’s overall security.
Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.
Credit card giant Capital One is moving past its 2019 hacking incident as federal regulators stop requiring quarterly updates on efforts to improve cybersecurity and a federal judge signs off on a $190 million settlement in a proposed class action lawsuit.
Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?
Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.
Financial services giant Morgan Stanley will pay a $35 million fine to settle U.S. Securities and Exchange Commission charges that it failed to comply with rules requiring it to safeguard customer data as well as ensure it is disposed of properly.
The Department of Health and Human Services slapped three dental practices with fines and corrective action plans in its latest round of HIPAA enforcement actions involving patient right of access. The actions come just days after a new director of the Office for Civil Rights assumed office.
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
As the Federal Trade Commission focuses on data brokers that collect and share consumers' sensitive information, any company that participates in those activities needs to carefully review its practices, says attorney Daniel Kaufman, former acting director of the FTC's Consumer Protection Bureau.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.