If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
Kentucky is now the 47th state to enact a breach notification law. While a national law superseding the widely varying state statutes is long overdue, the primary election defeat of House Majority Leader Eric Cantor makes passing such a bill tougher.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
High-profile retail breaches, such as the one suffered by Target Corp., could spur more merchants to promote increased use of mobile payments to boost security, says Thad Peterson, a new analyst at Aite Group.
A multi-layered approach known as "context-aware security" is the most effective strategy for fighting both insider and external cyberthreats, says Gartner analyst Avivah Litan, who explains how this strategy works.
Third-party risks and the Fed's plans for emerging payments will be highlighted at ISMG's Fraud Summit Chicago on May 14. How banking institutions and retailers are expected to respond to new risks posed by external parties will be a focus for our keynote panel.
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
Scores of banking/security leaders gathered at the SF Fraud Summit to learn from the nation's leading experts on topics such as account takeover, big data analytics, insider risks and payment card fraud.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.