In the final days of the Biden administration, a proposed overhaul of the HIPAA Security Rule faced predictions of modification under the incoming Trump administration, according to regulatory attorney Sharon Klein from the law firm Blank Rome. Klein emphasized the necessity of updating the Security Rule, which has remained largely…
Balancing Open Access and Cybersecurity in Education: Insights from Industry Experts In the evolving landscape of cybersecurity, Chief Information Security Officers (CISOs) in the education sector are grappling with a dual mandate: facilitating open access to information for students and staff while simultaneously protecting sensitive data against rising cyber threats.…
Critical Infrastructure Security CISA Calls on Software Developers to Enhance Cyber Hygiene Practices Chris Riotta (@chrisriotta) • January 7, 2025 New voluntary cybersecurity performance goals target software development security improvements while addressing potential vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) is urging software developers across the IT and product…
Encryption & Key Management, Security Operations Researcher Unveils Bitpixie Attack Techniques to Extract Encryption Keys Akshaya Asokan (asokan_akshaya) • December 31, 2024 Image: Shutterstock Recent research has unveiled a previously addressed vulnerability within the Windows BitLocker disk encryption system that remains exploitable. This flaw poses significant risks, potentially allowing attackers…
New Cybersecurity Regulations Projected to Cost Healthcare Sector $9 Billion in First Year In response to escalating data breach threats, the Biden administration is proposing a series of stringent cybersecurity regulations aimed at healthcare organizations across the United States. These new rules, prompted by the alarming rise in cyberattacks, particularly…
HIPAA/HITECH, Standards, Regulations & Compliance HHS Proposes New Encryption and Cybersecurity Standards for Healthcare Organizations Chris Riotta (@chrisriotta) • December 27, 2024 Recent high-profile breaches have targeted sensitive healthcare data. (Image: Shutterstock) The U.S. Department of Health and Human Services (HHS) is intensifying its digital security measures in response to…
The Federal Trade Commission (FTC) has mandated that Marriott International and its subsidiary, Starwood Hotels, develop and enforce a comprehensive data security program due to a series of significant failures that resulted in massive data breaches. This action comes after Marriott’s acquisition of Starwood in 2016, which was marred by…
Unsecured Database Exposes Millions of Records at Builder.ai In a serious cybersecurity incident, Builder.ai, a London-based AI development platform, has faced significant scrutiny after a massive database was discovered publicly accessible without password protection or encryption. This database contained approximately 3 million records, amounting to an alarming 1.29 terabytes of…
In 2024, the landscape of healthcare cybersecurity faced unprecedented challenges, marked by a surge in cyberattacks that significantly threatened patient safety and data privacy. Heading into 2025, however, there are glimmers of hope, including the implementation of enhanced security controls and new regulatory measures aimed at bolstering defenses against these…
