The primary mission of the new Global Cyber Alliance is to identify measurable ways to mitigate cyberthreats facing the public and private sectors, says Phil Reitlinger, a former DHS official and Sony CISO, who heads the new group.
The New York Attorney General's settlement with taxi-hailing platform Uber - over alleged customer data privacy violations and a delayed data breach notification - provides a best practice security template for any organization that handles customer data.
Today's enterprise infrastructure is full of blind spots that can hide malicious threats, and traditional security tools struggle to scale up to meet increased demands. How must security leaders respond? Amrit Williams of CloudPassage shares insight.
Slamming a Ukrainian energy provider for recently falling victim to a spear-phishing email and Excel macro attack might be easy. But security experts recommend all organizations use the incident to ensure they won't fall victim to copycat attacks.
A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
GovInfoSecurity announces its seventh annual list of top influencers - lawmakers, top government officials, practitioners and thought-leaders whose leadership has a substantial influence on government cybersecurity policy.
Reports on the Ukrainian energy supplier hack have left many crucial questions unanswered: Who was involved, did malware directly trigger a blackout and are other suppliers at risk from similar attacks? Cybersecurity experts offer potential answers.
The FFIEC's Cybersecurity Assessment Tool is already being integrated into regulators' cybersecurity examinations, says Gartner analyst Avivah Litan. But the tool has so far led to more confusion than clarity, she says, and must be enhanced in 2016.
A power blackout that recently affected about 1.4 million Ukrainians has been tied to an espionage Trojan called BlackEnergy. The attack appears to be the first time that hackers have successfully used malware to help disrupt energy-generation systems.
Expect rebooted European Union data privacy rules to drive organizations worldwide to begin minimizing the amount of information they collect and store on individuals in 2016, both to protect privacy as well as minimize the impact of data breaches.
Boards of directors that figure out how to leverage cybersecurity as a strategic asset will give their organizations a strong competitive advantage, says Lance Hayden of Berkeley Research Group. "Security needs to be part of what the organization uses to competitively differentiate itself."
In the healthcare sector in 2016, hackers will continue to threaten systems and networks - and possibly medical devices - while federal and state regulators expand and refine their data security enforcement activities.