Simple credentials, such as passwords, are a hacker's best friend, says Phillip Dunkelberger of Nok Nok Labs, a founding member of the FIDO Alliance. That's why the alliance is working to reduce reliance on passwords by enabling advanced authentication.
Dan Clements of IntelCrawler, the research firm that claims it traced malware apparently used in the Target breach and other retailer attacks, outlines steps merchants, banks and others should take to secure their networks.
Distributed generation and plug-in motor vehicles are among the emerging security challenges to the smart grid. In an RSA 2014 preview, Gib Sorebo of Leidos discusses the threats to utilities and consumers.
Many security incidents that affect the nation's critical infrastructure go unnoticed due to a lack of sufficient detection or logging capabilities, according to a new report, which calls for enhanced monitoring and reporting of incidents.
Lawsuits that card issuers have filed against Target to help recoup expenses associated with the retailer's breach aren't likely to reap big rewards, two legal experts say. But they are sending a strong message.
You'd think that preventing damage caused by cyber-attacks would be incentive enough to get organizations to adopt cybersecurity best practices. But the government is working with industry to develop incentives to encourage adoption.
Despite their differences on certain issues, the Financial Services Roundtable and the Retail Industry Leaders Association have joined forces in an effort to prevent breaches by enhancing cybersecurity and threat intelligence sharing.
Many endpoints in the healthcare sector, including medical devices, are being hacked because of inadequate security, according to a new study from the SANS Institute that identified apparent vulnerabilities at 375 organizations.
Merrill Halpern of the United Nations Federal Credit Union, a pioneer in the use of chip cards, says high-profile retail breaches reinforce the long-term value of EMV for various forms of payment within the U.S.
Now that the cybersecurity framework has been released, security experts are pondering whether the voluntary approach to following the guidance might eventually need to be replaced by some sort of mandate.