Regardless of the exact wording of The CMS Interoperability and Patient Access final rule, it’s clear that healthcare executives will be spending considerable time this year thinking about, planning for, and implementing technologies that support healthcare data exchange.
The offices of the Chief Information Security Officer and the Chief Digital Officer have the biggest part to play in protecting consumers perception of a brand, but they couldn’t be more opposite in their objectives and operations. CISO’s are tasked with keeping the unknown users out. Their primary focus has been making sure internal users such as employees, contractors and vendors are properly vetted and authenticated. CDO’s are seeking to invite as many unknown users (prospects) in as they represent new business. Having said that, what would happen if the CISO and CDO partnered more closely to protect those unknown users (prospects) and improve their online experience?
When it comes to PKI, leaders have two options: build it or move it to the cloud. PKI as-a-Service (PKIaaS) platforms are becoming a popular investment choice that provide all the benefits of a privately rooted PKI, but without the cost and complexity of running it in-house. PKIaaS providers can deliver a much more effective, and ultimately more secure, PKI than most enterprises can achieve on their own. Regardless of whether the choice is to build or buy, teams must consider six key requirements to ensure in-house or out-sourced PKI success – and digital identity security.
COVID-19 has initiated a whole new host of cybersecurity threats. Twitter was one of the latest victims, its employees allegedly being targeted so that hackers should take over the accounts of certain verified users. And just before that, a June 25 story in The New York Times detailed the way in which a foreign entity is attempting to infiltrate American business by taking advantage of remote employees whose organizations – more than 400 million worldwide – use virtual private networks (VPNs).
There is a lot to consider when deciding on new fire alarm technology. Whether you are installing a new fire alarm system or adding to an existing system, flexibility is a crucial consideration in order to prepare for future building requirements and/or technology changes. Adaptations and technology upgrades to satisfy changing code regulations can often be the most significant expenses associated with life safety systems after installation. It is important to learn how your system can handle these adaptations and how much it will cost to upgrade and maintain your new system. Learning the difference between proprietary and non-proprietary fire alarm systems will help you to avoid unnecessary expenses during upgrades or expansions.
As much of the world continues to hunker down at home in response to COVID-19, threat actors continue to find ways of exploiting the crisis to gather sensitive and valuable information from individuals. But while we’re busy making sure that our primary computers and cloud-based accounts are locked down, it’s often the devices we least suspect – our smartphones – that provide the opening that hackers need. The 2018 hacking of Jeff Bezos’s iPhone X, perhaps the most famous example of smartphone hacking, provides an important reminder that these most personal of devices should be used with appropriate caution, especially in this time of upheaval.
As part of reorganizing and updating safety functions at the University of Utah, Chief Safety Officer Marlon C. Lynch created a new position to direct Campus Security and to oversee public safety compliance and accreditation.
Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization. Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.
Countless businesses export data from the European Union to the United States. Does your human resources office have information on European employees? The sales department information on European clients? That is personal data. The question is if data exports can continue in the wake of the Court of Justice of the European Union’s (CJEU) ruling in the “Schrems II” case.
RSS
