Group items matching

in title, tags, annotations or url

The data breaches of 2014 have yet to fade into memory, and we already have 2015 looming. Experian's 2015 Data Breach Industry Forecast gives us much to anticipate, and I've asked security experts to weigh in with their thoughts for the coming year as well. Experian highlights a number of key factors that will drive or contribute to data breaches in 2015. A few of them aren't surprising: Organizations are focusing too much on external attacks when insiders are a significantly bigger threat, and attackers are likely to go after cloud-based services and data. A few new factors, however, merit your attention. First, there is a looming deadline of October, 2015 for retailers to upgrade to point-of-sale systems capable of processing chip-and-PIN credit cards. As banks and credit card issuers adopt more secure chip-and-PIN cards, and more consumers have them in hand, it will be significantly more difficult to clone cards or perpetrate credit card fraud. That's why Experian expects cybercriminals to increase the volume of attacks early in 2015, to compromise as much as possible while they still can. The third thing that stands out in the Experian report is an increased focus on healthcare breaches. Electronic medical records and the explosion of health or fitness-related wearable devices make sensitive personal health information more vulnerable than ever to being compromised or exposed. The risk of health related data being breached is also a concern voiced by Ken Westin, security analyst with Tripwire. He pointed out that part of the reason that retail breaches have escalated is because cybercriminals have developed the technologies and market for monetizing that data. "The bad news is that other industries can easily become targets once a market develops for the type of data they have. For more info: Westhill Insurance Consulting Data breach trends for 2015: C

CMS created the Zone Program Integrity Contractor (ZPIC) program to investigate allegations of Medicare claim fraud in the country's seven traditional Medicare program claim processing zones. Kathleen King, a GAO director, testified that the ZPICs say they helped Medicare save about $250 million in 2012. CMS does not know how quickly ZPICs are conducting investigations, King said. The GAO is looking into the possibility that the ZPICs could save Medicare more money by acting more quickly, according to King. Hearing witnesses also talked about another Medicare fraud prevention program -- an automated Fraud Prevention System that came to life in 2011. The system is supposed to use "predictive modeling" -- data sifting tools -- to identify suspects for the ZPICs to investigate. During the first year of operation, the system generated only about 5 percent of the ZPICs' leads, King said. CMS says the system is now the primary source of the ZPICs' leads, but details are scarce, she added. Dr. Shantanu Agrawal, director of the CMS Center for Program Integrity, said the Fraud Prevention System stopped, prevented or identified $115.4 million in improper payments during the first two full years of operation. Savings increased in the second year, Agrawal said. King said one problem is that the Fraud Prevention System does not give CMS any way to suspend paying questionable Medicare claims while investigations are still under way.