Healthcare Information Security Podcast

Human genome sequencing can support groundbreaking research leading to improved treatments. But before genetic testing can become common, privacy issues need to be tackled, says Lisa M. Lee, who heads a presidential advisory panel.

A group of highly respected IT security thought leaders is calling on the Obama administration to exercise existing powers to strengthen the processes the federal government employs to secure its information systems.

CISOs increasingly are asked to manage both information security and risk. What new skills and tools do they need to juggle the dual role? David Sherry, CISO of Brown University, shares his views.

Employing cloud computing services could help organizations defend against the type of distributed denial of service attacks that have temporarily crippled the online service of major American banks, says NIST's Matthew Scholl.

Top executives must be transparent with their stakeholders when their IT systems get attacked. Otherwise, their enterprises' reputations could be more severely damaged, says IBM Fellow Luba Cherbakov.

As mobile computing becomes ever-present, enterprises face a new threat landscape that includes rogue marketplaces, insecure public Wi-Fi and proximity-based hacking, says Dan Hubbard of the Cloud Security Alliance.

All midsize and large healthcare organizations should implement mobile device management systems to help prevent breaches of patient information, says security consultant Tom Walsh.

Healthcare providers often fail to conduct comprehensive, timely risk assessments, as required by regulators. But security expert Kate Borten says they can leverage new guidance to help get the job done.

Cybersecurity thought-leader Ira Winkler has been appointed new international president of the Information Systems Security Association. Find out about his plans for creating a healthcare special interest group.

DDoS attacks have existed for years. But the latest wave brings new threats to organizations. How should they defend against these attacks? Ashley Stephenson of Corero Network Security offers insights. DDoS attacks have existed for years. But the latest wave brings new threats to organizations. How should they defend against these attacks? Ashley Stephenson of Corero Network Security offers insights. In an interview about defending against the new, sophisticated DDoS attacks, Stephenson discusses: What's new about the attacks we're seeing; Why traditional defenses are insufficient; How organizations can mitigate their risks by deploying a new defensive strategy.

Windows 8 is coming soon. What are the security updates in Microsoft's new operating system? Which questions should security leaders weigh before upgrading? Forrester's Chenxi Wang offers insight.

Connecticut Attorney General George Jepsen says he hopes an update to the state's data breach protection law that took effect Oct. 1 will help make its enforcement less difficult.

Richard Hodge, senior director of Congressional affairs at HIMSS, explains why the association has asked Congress to commission a study of nationwide patient data matching in an effort to improve patient safety.

Healthcare organizations can learn a lesson from communication missteps in the banking sector. Banks struck by DDoS attacks are missing an opportunity to educate customers about cybersecurity, says Gregory Nowak of the Information Security Forum.

Delaware Chief Security Officer Elayne Starkey leads, but does not supervise, hundreds of information security officers, many of whom have technical expertise in areas other than security.

Earlier this year, Bill Wansley of Booz Allen Hamilton warned of nation-state attacks against U.S. banks. Are his predictions now coming true? What should institutions expect in weeks ahead?

NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options on how to conduct risk appraisals.

The federal government has unveiled five pilot projects, including two that involve healthcare, that, if successful, could help build trust in online commerce and boost the economy, says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace National Program office.

States preparing to roll out online health insurance exchanges in 2014 need to pay special attention to authenticating users, says Bryce Williams, who heads a commercial exchange.

The PCI Security Standards Council has issued new guidelines on mobile payment acceptance security. What are the key recommendations? The council's Bob Russo and Troy Leach discuss the new guidance.