To mitigate the top threats for 2013, organizations need to understand the motivations of potential attackers so they can adequately defend their networks and systems. Experts describe risk management strategies for the year ahead.
With different nations establishing different privacy standards, organizations face adopting the most stringent regulations in order to be compliant everywhere they operate, says Marc Groman, a director of the International Association of Privacy Professionals.
Forensics expert Rob Lee says its not new types of attacks that concern him. It's the old ones that continue to impact organizations. How can forensics pros learn from past incidents and respond in 2013?
The hacktivist group Izz ad-Din al-Qassam Cyber Fighters claims that its second phase of distributed-denial-of-service attacks has affected nine banks since Dec. 11, and it warns more attacks are on the way.
For the first time, a federal investigation of a health information breach that affected fewer than 500 individuals has resulted in a financial penalty for HIPAA violations. Read more about the settlement.
An evolving concept known as "intelligent security" involves using a combination of technologies to detect threats, helping security professionals become more proactive. Learn how pioneers are using the new approach.
A restaurant wholesaler has been breached a second time, and investigators are still trying to determine how the incident occurred and how many cards were exposed. The POS hack raises questions about ongoing PCI compliance and in-house fraud detection systems.
Threats have evolved, and so have our Internet needs. This is why organizations need to explore the security and productivity gains of the next-generation firewall, says Patrick Sweeney of Dell SonicWALL.
Hacktivists on Christmas Day announced new plans for more DDoS attacks against U.S. banks, and it appears Citi was among the first hit, although the attackers named no specific targets in their latest threat.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?