Browsing Category: Compliance

Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers. 

Read more...

Categories: Compliance, Government

The general in charge of the National Security Agency on Monday said the lack of national cybersecurity leglislation is costing us big and amounting to what he believes is “the greatest transfer of wealth in history.”

U.S. Army Gen. Keith B. Alexander urged politicians to stop stalling on approving a much-needed cybersecurity law – of which various versions currently are circulating in Congress. At the same time, he implored private companies to better cooperate with government agencies, many of whom remain mum because of privacy concerns.  

Read more...

Categories: Compliance, Government

U.S. Sen. Jay Rockefeller wants to strengthen SEC legislation that requires publicly traded companies disclose significant digital security breaches, mainly because most aren’t.

The chairman of the Senate Commerce, Science and Transportation Committee last week added a provision to cybersecurity legislation that would direct the SEC to clarify when companies must disclose data breaches. 

Read more...

The Government Accountability Office (GAO) is warning that the U.S. government hasn’t lived up to promises to protect the privacy of Medicare patients who use the federal government’s Prescription Drug Benefit and not following through on promises to audit organizations that store patient health information.

Read more...

Software failures were behind 24 percent of all the medical device recalls in 2011, according to data from the U.S. Food and Drug Administration, which said it is gearing up its labs to spend more time analyzing the quality and security of software-based medical instruments and equipment.

Read more...