The latest big security breach to hit the news is an important reminder about a couple of key aspect of security. While few details are available as to the nature of the breach, some general security principals apply. Here are…
N.Y.T. has reported on a recently exposed breach at the International Monetary Fund.
The RSA Breach, their initial reaction, and their follow-up communication regarding the Lockheed Martin attack (which they are admitting is related to the initial RSA breach) makes us question their priorities.
Now this week, we learn the HHS Inspector General has audited HIT Standards, privacy protection under HIPAA, and other security measures at CMS and the ONC. Their conclusion? "OIG found weaknesses in the two HHS agencies entrusted with keeping sensitive patient records private and secure." Such weaknesses included lax oversight and insufficient standards for healthcare providers.
Dan Berger's summary of the OCR/NIST HIPAA Security Conference in Washington D.C. 2011.
We checked one of their systems. And recorded the output for you to judge.
Sony fell victim to a known vulnerability and now your credit card information may have been compromised.
What Sony has not released yet (and this is the big one) is whether credit card numbers and expiration dates have been compromised as well.
Business Associates being breached leaves hospitals and healthcare organizations open to scrutiny via the public. Exhibit A.
If RSA can't succeed in securing a small and critical area of their network, what is a healthcare organization to do?