The National Institute of Standards and Technology is re-evaluating a set of its special publications because of concerns expressed by some leading cryptographers that the National Security Agency might have corrupted the guidance.
Organizations still have concerns about sharing too much data and threat intelligence to help thwart attacks. But EMC's Kathleen Moriarty says organizations' fears about intellectual property compromises are overblown.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
Apple's inclusion of a fingerprint scanner in its iPhone 5S is an important step toward bringing biometrics into the mainstream. But there's a long way to go before biometrics supplant passwords at the enterprise level.
About two weeks before health insurance exchanges open for business under healthcare reform, an exchange in Minnesota already is reporting a data breach. Find out about the incident and the investigation.
In the wake of a year of attacks waged against banking institutions by Izz ad-Din al-Qassam Cyber Fighters, the FS-ISAC's Bill Nelson and the ABA's Doug Johnson say the need to regularly update DDoS preparedness is a critical lesson learned.
Telecommunications company Vodafone is notifying about 2 million customers in Germany of a breach of sensitive financial information after it verified a highly sophisticated intrusion into one of its servers by an insider.
In this week's breach roundup, read about the latest incidents, including the Medical University of South Carolina notifying 7,000 individuals that their credit card information was compromised as a result of a card processor breach.
OpUSA's planned Sept. 11 DDoS against U.S. banks and governmental agencies proved to be uneventful, experts say. But they warn that other potential attacks, especially those with a Syria connection, could prove to be far more serious.
If Iran is behind distributed-denial-of-service attacks targeting American banks, should the United States retaliate aggressively with a Stuxnet-like response? Learn why the Atlantic Council's Jason Healey thinks that's a bad idea.
Federal authorities are warning banking institutions and government agencies about a wave of DDoS attacks that could strike on 9/11. Learn what steps the FBI suggests should be taken to mitigate the threat.
John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.
Scientists are discovering ways to make quantum key distribution a more cost-effective and efficient way to securely share encryption keys, but there's still a long way to go before the methods can be practically applied.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.