Cybersecurity

5922 readers

245 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

The US proposes rules to make healthcare data more secure (www.theverge.com)

submitted 1 week ago by [email protected] to c/cybersecurity

6 comments fedilink hide all child comments

The HIPAA Security Rule is due for an overhaul.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 18 points 1 week ago (3 children)

What such a ruling needs are hard punishments for those responsible for data "losses". Those who have unsecured servers, those who use weak passwords, or leave backdoors in their software need to be sanctioned as well as the actual hackers.

[–] [email protected] 11 points 1 week ago (2 children)

Definitely. Once the company reach certain level of annual turnover it must implement A-Z security measures or be fined out of existence would be great. I even go as far as making it personal liability for upper management if they deliberately try to circumvent those requirements.

[–] Tar_alcaran 7 points 1 week ago* (last edited 1 week ago) (1 children)

I even go as far as making it personal liability for upper management

This needs to be a thing for SO many things across the board, from personal data to ecological damage and unsafe working conditions. Not just upper management, everyone down the chain. If Bob the (qualified)intern did it, Anna the manager checked it and Charlie the CEO approved it, they ALL need to get punished.

[–] taladar 3 points 1 week ago

Punishing the lower level employees should only really be implemented once all the anti-whistleblower legislation and people in government have been purged though otherwise you just put the employees who are asked to do questionable things between a rock and a hard place with no way not to get punished.