CISOs who want to keep more cyber-attacks from succeeding should focus on decreasing the half-life of vulnerabilities, which refers to the amount of time it takes half of all systems affected by a vulnerability to get patched. That's the advice from Qualys' Wolfgang Kandek.
Is a hackable car defective? The auto industry likens hack attacks to troublemaking. But legislators and regulators are taking a closer look at connected cars and the safety risks posed by software bugs.
Extortionists and "free agent" rogue insiders have emerged as the top two most malicious cybercrime threats to banking institutions, says Gartner's Avivah Litan. How should institutions bolster their defenses?
Stock markets in the United States, Europe, China and India continued their volatility Aug. 24, and it's not clear how cybersecurity stocks will weather the downturns. But with hack attacks not letting up, some analysts say cybersecurity companies will likely continue to thrive.
In the wake of the discovery of the serious Android Stagefright flaws, which affect an estimated 950 million devices, security researchers reveal that they discovered yet another Stagefright flaw - and that Google's initial fix could be exploited.
Blue Coat CTO Dr. Hugh Thompson speaks about the future of security, the constants that need attention, and lessons to be learned from the U.S. when it comes to writing meaningful breach notification laws.
An inspector general's memo that highlights three significant information security deficiencies that have plagued the U.S. Department of Labor for the past five years points out problems that most federal agencies confront.
The Internal Revenue Service says cyber thieves may have accessed as many as 334,000 taxpayer accounts in a breach of its Get Transcript system, far more than the 114,000 accounts it originally estimated in May.
What do successful but separate malware attacks against banking customers around the world, as well as the White House and health insurer Anthem, all have in common? Researchers say the answer is shockingly simple.
The outrage directed at Oracle Corp.'s security chief after a recent blog post in which she scolded third parties who scan the company's software looking for security flaws had a familiar ring: Do medical device makers have a similar cybersecurity attitude?
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
The Windows 10 Home edition being released by Microsoft includes on-by-default cloud services that may pose "bring your own device" risks to organizations, F-Secure security expert Sean Sullivan warns.
As the Department of Defense embarks on a multi-billion dollar project to overhaul its EHR system, supporting millions of military personnel, there are critical privacy and security challenges to be tackled.