The one factor with the biggest impact on any organization's digital transformation efforts - regardless of the organization's size or sector - is the ability to change its privacy, cybersecurity and IT culture, says Stephen Owen, CISO of Bourne Leisure Group.
At this year's annual meeting of the World Economic Forum, the cybersecurity message was clear: World leaders see it as essential for fixing the failures associated with past industrial revolutions as well as safeguarding future digital transformation, says Fortinet's Alain Sanchez.
Despite organizations enduring decades of security policies, programs, plans, metrics and awareness training, CISOs still complain that too many employees are failing at the cybersecurity basics, says Virtually Informed's Sarb Sembhi.
Employees view the ability to bring their own devices into their workplace life as a prerequisite for any job, which complicates organizations' identity management and cybersecurity efforts, says Barry McMahon of LastPass.
The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.
A Trend Micro employee stole and then sold contact information for 68,000 of the company's consumer subscribers, which led to a raft of unsolicited tech support scam calls, the company says. The employee has been fired. The incident highlights the risk of insider threats.
The U.S. Department of Justice has charged three men with perpetrating a campaign to infiltrate Twitter and spy on critics of the Saudi government. Two of the suspects formerly worked for Twitter, allegedly feeding details to Saudi handlers that could be used to identify and locate critics of the Saudi regime.
Facebook has revealed that, once again, it allowed third-party app developers to wrongfully gain access to its customers' private data. The company changed access for about 100 developers after the problem was discovered.
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.
A misconfigured billing system that caused a mailing mishap affecting nearly 83,000 individuals has prompted Texas Health Resources to file 15 breach reports to federal regulators - one for each hospital involved.
Alleged Capital One hacker Paige A. Thompson has been released from prison and will stay in a halfway house until her trial in federal court next year. Prosecutors allege that Thompson stole over 100 million records from the bank earlier this year.