While enterprises rebuild or upgrade their security programs, they must guard against over emphasizing technology investments while neglecting staffing issues, says Ben Johnson, chief security strategist at Carbon Black.
The Asian security landscape continues to change dramatically, and ransomware and cyber extortion are among the emerging trends increasing in frequency and volume. Kaspersky Lab's Vitaly Kamluk shares insights and advice.
There's often a dangerous trade-off made between convenience and security. That's illustrated no better than by a recent issue patched by Microsoft. It's an attack so devilishly smooth that it's a wonder hackers had not figured it out before.
The Obama administration has unveiled a federal cybersecurity workforce strategy that calls for identifying, recruiting, developing, retaining and expanding "the best, brightest and most diverse cybersecurity talent" for federal service. But are those goals realistic?
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
As many as 250,000 credentials for Remote Desktop Protocol servers around the world may have been offered for sale on the now-shuttered xDedic cybercrime marketplace. So what can organizations do to mitigate related risks and avoid a major network intrusion?
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
Cyberattacks are increasing in frequency, complexity, nuance and stealth. But human error, business compulsions and increasingly complex environments make it difficult to maintain adequate defenses, says Juniper Network's CTO for India and SAARC
The $940 billion compensation awarded to Epic Systems in its case against Indian IT major TCS is unprecedented - shaking the industry out of its complacency to information security. Cyber law expert "Naavi" takes a close look at the implications for India.
The section chief of the FBI's Cyber Division says "the FBI does not condone payment of ransom," in part because it enables criminals to victimize others. Instead, the bureau continues to urge all potential victims to get their IT house in order.
Are you making the most of all the intelligence available to you today? What are the practical aspects of plugging abstract threat intelligence into your specific business use cases? Deloitte's Parthasarathy shares deeper insight.
Revelation of 321 attempts to place ransomware on federal government computers in the second half of last year raises a number of questions about the effectiveness of the Einstein intrusion detection and prevention system as well as how the government responds to such attacks.
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.