Federal auditors say a data repository used for data analysis and reporting for the Affordable Care Act, better known as Obamacare, had numerous data security shortcomings that have since been addressed. Security experts say the problems cited are common to many organizations.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.
The attacks have evolved, breaches have multiplied, and serious security gaps have been exposed. But what most concerns FireEye President Kevin Mandia? The rise of nation-states as leading threat actors.
Amid some controversy, a national encryption policy draft was withdrawn by the Indian government within days of its release for public comment. Security experts say the draft reflects a lack of clarity and needs more work.
Responding to U.S. government criticism of China over its persistent online economic espionage campaigns, Chinese President Xi Jinping says that the Chinese government does not hack other nations, or support Chinese companies that do so, and calls for those responsible for cyberattacks to be prosecuted.
Organizations create more data than ever, and they face more requirements to collect and present it for investigations and legal cases. How do they avoid spoiling this data? Zapproved's Sarah Thompson offers tips.
Many organizations spin their wheels when it comes to cybersecurity, says IBM's Andy Land. They invest in tools that do everything except what security leaders are fundamentally tasked with doing: Protect the data.
The fraud shift as a result of the migration to EMV chip payments in the U.S. will extend beyond card-not-present payments, experts at Information Security Media Group's fraud and data breach summits in San Francisco last week warned.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
The insider threat is one that organizations often want to overlook. But it's hard to ignore when they are losing critical assets. Lockheed Martin's Douglas Thomas tells how to sell an insider threat program.
In light of the uptick in hacker attacks on the healthcare sector, Everett Clinic in Washington is making a number of additional moves to bolster its cybersecurity, says CIO Becky Hood. Find out about the top priorities.
The creation of the California Cybersecurity Integration Center demonstrates that the state is taking a proactive approach to securing its digital assets, says Mark Weatherford, a former California state CISO and onetime DHS deputy undersecretary for cybersecurity.
While covered entities and business associates are becoming more aware of the need to encrypt patient data at rest, they often overlook securing data as it's shared and received, says security expert Joe Meyer of Coalfire.
Increasingly, as enterprise leaders plan security investments, they think not just about threats and technology, but also how to tie their decisions to business performance. Gartner's Sid Deshpande explains the shift.