Tag Archives: risk

More than 6M affected since HIPAA breach notification rule

Electronically protected health information (ePHI) has become a target for malicious attack, according to a recent report by Redspin, Inc., a provider of HIPAA risk analysis and IT security assessment services. The report was conducted between August 2009– when the HITECH breach notification interim final rule (IFR) went into effect—and the end of 2010.

via Report: More than 6M affected since breach notification rule.

Cost of regulatory security compliance? On average, $3.5M – CSO Online – Security and Risk

The cost of achieving regulatory security compliance is on average $3.5 million each year, according to a survey of 160 individuals leading the IT, privacy and audit efforts at 46 multinational organizations

via Cost of regulatory security compliance? On average, $3.5M – CSO Online – Security and Risk.

Dell To Acquire Secureworks

Dell today announced it has signed a definitive agreement to acquire SecureWorks® Inc., a globally recognized provider of information-security services. SecureWorks’ industry leading Security-as-a-Service solutions include Managed-Security Services, Security and Risk Consulting Services and Threat Intelligence. The acquisition expands Dell’s global IT-as-a-Service offerings and information security expertise.

via Dell To Acquire Secureworks | Dell.

FISMA capstone document released by NIST — Government Computer News

The National Institute of Standards and Technology has released a draft of its guidelines for implementing enterprisewide information risk management. The document defines the underlying principles for implementing the Federal Information Security Management Act.

via FISMA capstone document released by NIST — Government Computer News.

In 2011 The GRC Market Will Grow 20%, Driven More By Breadth Than Maturity | Forrester Blogs

On the heels of Forrester’s GRC Market Overview last month, this week we published my Governance, Risk, And Compliance Predictions: 2011 And Beyond report. Based on our research with GRC vendors, buyers, and users, this paper highlights the aggressive regulatory environment and greater attention to risk management as drivers for change

via In 2011 The GRC Market Will Grow 20%, Driven More By Breadth Than Maturity | Forrester Blogs.

#PCI Compliance Changes Promote Log Management – Security from eWeek

The key revisions cover areas such as log management and scoping the environment to understand where cardholders reside. There were also revisions meant to enable organizations to develop a risk-based assessment approach based on their specific business circumstances as well as changes designed to appeal to small merchants to simplify their compliance efforts.

via PCI Compliance Changes Promote Log Management – Security from eWeek.

Lost hard drive puts data on 280,000 Medicaid enrollees at risk – FierceHealthIT

The names, addresses and some health information of 280,000 Medicaid enrollees in Pennsylvania could be at risk after two affiliated managed care organizations reported the loss of a hard drive from a portable computer.The hard drive went missing in the corporate offices of either Philadelphia-based Keystone Mercy Health Plan or Harrisburg-based AmeriHealth Mercy Health Plan, the Philadelphia Inquirer reports. The two companies cover a total of 400,000 Medicaid patients in the state.

via Lost hard drive puts data on 280,000 Medicaid enrollees at risk – FierceHealthIT.

E-crime Now More Common Than Real Crime

If there was any doubt about the popularity of electronic dupery, it should be put to rest with a report on global fraud released the week by the risk management consulting firm Kroll. For the first time since 2007, when the company began putting together its annual survey on crime, electronic fraud surpassed physical scams as the most common form of fraud in the world.

via E-crime Now More Common Than Real Crime.

Join Forrester’s New Online Community For Security & Risk Professionals! | Forrester Blogs

Forrester has launched an online community for security and risk professionals. The community is a place for security and risk professionals to exchange ideas, opinions, and real-world solutions with each other. Forrester analysts will also be part of the community, helping facilitate the discussions and sharing their views.

via Join Forrester’s New Online Community For Security & Risk Professionals! | Forrester Blogs.