Mobile apps, mobile devices, OH MY. Mobile security concerns are going to take the top priority this year.
Twitter vs. "scareware" - malware
The HIPAA Security Rule now applies to Business Associates. Make sure your security testing extends to them as well.
Managing vendors and business partners is hard in any industry, but when the data is sensitive ePHI, you are trying to achieve EHR meaningful use and there are penalties like the HITECH Act's breach notification requirements, it can be even more daunting.
Summary of CHIME's input and Redspin's input on the subject.
Passwords vs. Certificates. Which is more secure/ is the time of the password over?
Most people are at least somewhat aware of the insecurities of using a public wireless network to do sensitive things like online banking, checking their email, playing Farmville on Facebook and other important things.
The move from IPV4 to IPV6 proposes to greatly increase the number of addresses that need to be scanned to find live IP's.
A deeper look at two Top 10 lists and into why understanding how to mitigate risk is better than just knowing what the risks are.
Version 2.0 of the PCI DSS has clarified their testing expectations