The Department of Health and Human Services has a long list of information security weaknesses, including identity and access management and incident response shortcomings, that need more attention, according to a federal watchdog agency's audit report.
More cybercriminals are adapting their attack techniques, using compromised credentials linked to privileged accounts to invade networks and systems, according to researchers at Dell SecureWorks, who describe an open source solution that can help mitigate the threat.
The security industry has been too focused on managing identities - and not focused enough on privileged access, says Andy Vallila of Dell Security Solutions. In this video interview, he discusses the level of visibility organizations need for privileged accounts.
The keys to the digital kingdom are too easy to steal through malware and social engineering. What can security leaders do to help raise their organizations' level of privileged access management? Ken Ammon of CA Technologies offers insights in this video interview.
Identity management is going to be a big issue in 2016, and emerging authentication tools, such as biometrics, could very well gain a more significant foothold, although not without posing new risks, says Steve Martino, CISO at Cisco Systems.
Just back from a trip to Israel, where she spoke with leading security researchers about such topics as the Internet of Things, cyberterrorism and banking malware, Gartner analyst Avivah Litan says 2016 will be a turning point for adoption of biometrics in identity proofing. Learn why in this video interview.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.
As a result of high-profile breaches, emerging malware threats and increased regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity. And the CISO's evolving role will be a hot topic at RSA Conference 2016.
Several recent health data security incidents - including two at a Florida hospital and another at a Washington state Medicaid agency - illustrate the challenges healthcare organizations face in detecting and preventing insider breaches.
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
How many networking vendors - like Juniper - have been selling devices with backdoors attackers could use to intercept and decrypt communications? Some networking giants say they've launched code reviews. But why are eight vendors staying silent?
Four years after European criminals exploited EMV implementation vulnerabilities to steal an estimated $650,000, security experts say not all banks have adopted full fixes. But the payment card industry contends related mitigations are in place and working.
Despite the frequency of healthcare data breaches, only half of U.S. hospitals have the infrastructure to support two-factor authentication, according to a new report. Plus, some information security leaders say implementation of the technology at many of those facilities is likely relatively narrow.