Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
"We are training organizations to become more security focused and get them away from the check box mentality," says Jeremy King of the PCI Security Standards Council, describing the group's new approach to increasing PCI awareness globally.
The Defense Department hopes to prevent future WikiLeaks-style breaches by employing public key infrastructure-based controlled access cards, but that solution won't be fully in place until mid-2013, DoD CIO Teresa Takai says.
The United States Naval Academy is revising its core curriculum and will require midshipmen, beginning with the incoming freshman class entering Annapolis this summer, to take at least two cybersecurity courses during their four years at the school.
Recent incidents of corporate account takeover have pushed regulators, associations and practitioners to call for greater awareness and more collaboration between commercial customers and banks. But is there an ROI to enhanced awareness?
"Today's risk management professionals really need to take a strategic view of managing risk to be relevant in achieving the organization's expected outcome," says Philip Alexander of Wells Fargo Bank.
This week's top news and views: New NIST guidance focuses on risk management; DHS seeks hundreds of millions of dollars for cybersecurity projects; and former New York State CISO Will Pelgrin on federal-state-local IT collaboration.