The recent data breach impacting 150 million user accounts of Under Armour's MyFitnessPal application and website offers important lessons for mobile app developers, security expert Joan Pepin explains in this interview.
With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.
Leading the latest edition of the ISMG Security Report: Assessing cryptocurrencies' role in the latest ransomware and malware attacks. Plus: Facebook's revised estimate on account details accessed by Cambridge Analytica.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Processing and parsing intelligence from all sources - external and internal, structured and abstract - across three important categories is essential to a proactive, predictive threat intelligence framework, says Verizon's Ashish Thapar
CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.
Organizations need to carefully assess - and then verify - the data security controls their existing - and prospective - vendors have implemented, says privacy and security expert Rebecca Herold, who offers a range of vendor management tips in an in-depth interview.
Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde of the IT risk consultancy ProVise Consulting, who offers implementation tips.
Vendor risk management is becoming more critical as companies rely more on partners who have access to payment card data and other sensitive information, says Ramon Lipparoni, IT integration manager at ComAir, a South African airline. One critical step, he says, is conducting impromptu vendor audits.
What impact with the Facebook data privacy controversy have on the social media company, and other tech giants, eventually competing with banks? James Wester of IDC sizes up the open banking implications.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
Evidence continues to mount that Russian intelligence created the "Guccifer 2.0" hacker online persona as a "plausible deniability" cover for dumping information stolen from the U.S. Democratic National Committee, among other targets, says cybersecurity expert Alan Woodward.
As the Cambridge Analytica scandal continues to unfold, Congress seeks answers from Facebook, calling on CEO Mark Zuckerberg to testify. Also in the latest edition of the ISMG Security Report: Is it possible to build a secure digital wallet for storing cryptocurrency?
Multivector distributed denial-of-service attacks are having a bigger impact than simple volumetric attacks, says Brian McCann, president of Netscout's security business unit, who analyzes the latest trends in an in-depth interview.