The Department of Health and Human Services is seeking comments on how it can improve its security risk assessment tool, which is designed to help smaller organizations conduct assessments as required ...

The current HIPAA Security rule defines Risk Analysis as: “Conducting an accurate and thorough assessment of the potential risk and vulnerabilities to the confidentiality, integrity and availability ...

The FDA released their updated guidance on Cybersecurity in medical devices: Quality System Considerations and content for Premarket submissions at the end of June in 2025. In this guidance the FDA ...

Once a hacker has gained access to your network, they can steal, modify, delete, or distort your data, or take control of them in ways you couldn't imagine. Remember that due to frequently limited ...

The Centers for Medicare and Medicaid Services has released a free, downloadable tipsheet to help hospitals in stage 1 or stage 2 of its electronic health record incentive programs conduct a security ...

Drata’s Matt Hillary on building transparent, business-aligned security programs that thrive on visibility—not perfection ...

[Excerpted from "How to Conduct an Effective IT Security Risk Assessment," a new report posted this week on Dark Reading's Risk Management Tech Center.] Many security and compliance projects begin ...

Collects and uses customer or employee personal information. Participates in an industry sector that is considered high risk or critical infrastructure. Offers securities as a publicly traded company.

Now that the U.S. is in an ongoing war on terrorism, security is taking a central role in almost every building type. But how do you determine what needs securing and at what costs? "People feel they ...

It's difficult for risk managers to help decision-makers after a risky choice has been made. Unfortunately for many organizations, that's how traditional risk management programs work — and by the ...