By now, organizations are well acquainted with DDoS. But do they understand the attacks' key components and how to mitigate them? Akamai's Matt Mosher shares the questions to ask when purchasing DDoS mitigation.
Misusing data access privileges can pose a threat to the integrity of an organization's IT systems and the privacy of individuals. But gray areas exist, and it's not always clear cut when "unofficially" accessing protected data means users are abusing their privileges.
The risks of e-commerce breaches are top-of-mind again with the news of a possible compromise of PNI Digital Media, which manages and hosts online photo services for numerous big-name retailers. How can the risks be mitigated?
British police have re-arrested Lauri Love, who's been charged with 2012 and 2013 hack attacks against U.S. government computers, including systems operated by the Federal Reserve, U.S. Army and NASA. But Love plans to fight extradition.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
After jumping by 33 percent in 2014, the number of Americans who consider themselves IT security professionals has remained flat for the first half of 2015, according to an examination of federal government employment data. That's bad news for employers seeking IT security pros to hire.
Blue Cross and Blue Shield plans' offer of extended ID protection to the more than 106 million individuals covered by their insurance could set new expectations for breach response, some security experts, including Ann Patterson, predict.
At a hearing on the role the Interior Department played in a recent breach at the Office of Personnel Management, the Interior deputy inspector general painted a picture of how a hacker might have breached the agency's computer system.
An international police operation has resulted in charges being filed against dozens of suspected cybercriminals, as well as the shuttering of the infamous hacking forum Darkode. But will the operation take a serious bite out of cybercrime?
Security researchers reported a zero-day bug to Microsoft - which has patched the flaw - after reverse-engineering details were contained in a bug hunter's sales pitch to hacked surveillance software vendor Hacking Team.
After the OPM breach, the U.S. and China recently agreed to hammer out a cyber "code of conduct." But John Pescatore, a director at the SANS Institute, argues that governments would be better served by first jointly combating cybercrime.
The OPM breach is not just the biggest in U.S. government history. It's also likely a classic case of third-party risk management, says Jacob Olcott of BitSight Technologies. What are the key lessons to be learned?
Shed a tear for enthusiasts of aging Microsoft Windows operating systems. That's because Microsoft has now retired Windows Server 2003 support, as well as anti-virus scanner and signature updates for Windows XP. But breaking up can be hard to do.
To prepare for any type of information security audit, healthcare organizations must be ready to precisely demonstrate how they are assessing, prioritizing and mitigating risks, as a recent state audit of Roswell Park Cancer Institute reinforces.