A report on the former head of the NSA and CIA questioning President-elect Donald Trump's understanding of cybersecurity leads the latest edition of the ISMG Security Report. Also, House Homeland Security Committee Chairman Michael McCaul outlines his vision of Congress' cybersecurity agenda for 2017.
In an in-depth audio interview, Troy Leach of the PCI Security Standards Council describes just-released guidance that's designed to help organizations simplify network segmentation, a practice the council strongly recommends to help protect payment card data.
Federal regulators have issued an alert urging healthcare sector organizations to take specific steps to prevent falling victim to distributed denial-of-service attacks. Security experts offer an assessment, plus additional tips.
MSN and Yahoo are among the major websites hit by a wave of malicious advertisements that try to deliver malware to computers. It's a resurgence of activity by a group called AdGholas, which was active in July.
With their reliance on so many IoT devices, how can healthcare organizations defend against menaces such as the Mirai malware, which exploit these devices to create powerful botnets and launch DDoS attacks? Akamai's Dave Lewis offers tips.
President Obama is expected on Dec. 13 to sign the 21st Century Cures Act, which the Senate passed on Dec. 7. Among its long list of provisions, the bill lays out a number of privacy and security-related projects for HHS, including imposing fines on those that intentionally block health data information sharing.
According to one report, barely one-third of global organizations feel prepared to handle a modern cyberattack such as malvertising or ransomware. Justin Dolly of Malwarebytes explains how security leaders can step up their game in 2017.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
In a rare settlement of a data breach class action lawsuit, Tampa General Hospital has agreed to pay plaintiffs who alleged they're at risk for identity theft as a result of insider incidents. But was the settlement amount appropriate?
Facebook, Microsoft, Twitter and YouTube have promised to contribute to a shared database containing hashes - digital fingerprints - of images and videos that promote hatred or terror to facilitate more rapid takedowns. But does the project go far enough?
Government entities struggle not just to measure the effectiveness of their cybersecurity controls, but also how their metrics align to the agency's unique mission. Matt Alderman and John Chirhart of Tenable Network Security offer advice.
The threat landscape certainly has changed in recent years. But can you say the same about the traditional intrusion prevention system? Kurt Bertone of Fidelis Cybersecurity lays out what to look for in a next-gen IPS.
A just-issued report from President Obama's Commission on Enhancing National Cybersecurity outlines challenges the next administration should address. Observations from one of the panel's commissioners highlight the latest episode of the ISMG Security Report.
As fraudsters continually refine their techniques to steal banking customers' credentials, IBM fights back with new tools that use behavioral biometrics and cognitive fraud detection. IBM's Brooke Satti Charles offers a preview.
In an audio interview, Steve Durbin, managing director of the Information Security Forum, offers a forecast of the top security threats for the year ahead, including the ramping up of attacks fueled by "crime-as-a-service" offerings.