Sony's 2014 cyber-attack cleanup costs continue to mount. The company reports spending $35 million on remediation as of March, and costs will continue to mount, now that a judge has ruled that a class-action lawsuit by former employees can proceed.
Well-known health data privacy expert and federal adviser Deven McGraw is joining the Department of Health and Human Services' Office for Civil Rights as its new deputy director for health information privacy, heading its HIPAA enforcement efforts.
The FBI and Justice Department are investigating a 2014 hack that compromised systems owned by the Houston Astros professional baseball team, which was allegedly launched by the rival St. Louis Cardinals.
What's your digital identity strategy? Numerous agencies in countries across Europe - such as the Italian postal service - are creating new approaches to verifying identities and allowing them to be used as a trusted service, says CA's Paul Briault.
Threat intelligence is increasingly being brought to bear to help businesses apply kill-chain concepts, focusing on disrupting discrete parts of online attacks as early as possible, says Fortinet's Simon Bryden.
Wipro has developed a fraud detection model for improved risk management using big data analytics. Can CISOs leverage it to reduce risk, enhance process efficiency and refine fraud detection algorithms?
Exasperated House Oversight Committee Chair Jason Chaffetz faults OPM Director Katherine Archuleta for not embracing a 2014 inspector general recommendation to shutter unauthorized IT systems that hackers eventually breached.
The Internet of Things is posing an increased risk to all organizations. One global data center provider, for example, recently discovered that its malware-infected power supplies were part of a botnet, says Chris Richter of Level 3 Communications.
Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
A new Obama administration cybersecurity initiative isn't placing new burdens on federal government agencies; it's aimed at getting them to comply with recommended safeguards they've failed to implement.
When it comes to health data breaches, business associates are again grabbing headlines, calling attention to the importance of scrutinizing vendors. The latest incident involves a breach that wasn't reported to a covered entity for eight months.
In the wake of a May cyber-attack against the IT infrastructure of Germany's lower house of parliament, or Bundestag, investigators say they have been unable to eradicate all traces of the Trojan infections, and that up to 20,000 PCs might need to be replaced.