Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he says companies need to be willing to develop new skills in their new hires.
The new head of the agency that enforces HIPAA says his top enforcement priority for the coming year is to find a "big, juicy, egregious" breach case to use as an example from which others can learn. What else is on Roger Severino's agenda?
Security experts often contend that potential damage from cyberattacks can be avoided if organizations just patch their systems. But Bank of the West Deputy Chief Security Officer David Pollino says applying patches sometimes is more easily said than done.
At a time when fraud is attempted across multiple channels and customers still demand a frictionless digital experience, Kevin Donovan of Biocatch makes the case for organizations to embrace the tenets of continuous authentication.
Instagram is warning that more users were affected by a hack of its systems than it first suspected. While email addresses - and some phone numbers - for celebrities, including Emma Watson and Lady Gaga, appear to have been compromised, 6 million account holders in total may have been affected.
AT&T's U-verse routers and gateways contain a bevy of internet-of-things coding errors that could be easily exploited by hackers, a researcher contends. As many as 235,000 hosts could be vulnerable to attack.
This special edition of the ISMG Security Report features the observations of top cybersecurity experts featured at Information Security Media Group's recent Fraud and Breach Prevention Summit in New York.
PrincessLocker ransomware is back, although it's less demanding than it used to be, with attackers decreasing the quantity of bitcoins they require to unlock forcibly encrypted files. Unusually, the ransomware is being spread by the RIG exploit kit.
The U.S. federal government and many states haven't conducted forensic investigations into the election systems probed by hackers prior to the 2016 election. An investigation by the New York Times has found two more providers of election systems that were breached.
A massive Locky ransomware campaign has been infecting devices via malware-laced spam messages as well as through fake Dropbox phishing pages. More than 23 million Locky spam email have been seen in just one 24-hour period.
A federal judge has ruled that a consolidated class-action lawsuit filed by those affected by the Yahoo data breaches can proceed. The ruling means Yahoo's corporate parent, Verizon, will face a suit that could eventually lead a court to attempt to quantify the financial impact of leaked data.