Office of Personnel Management Director Katherine Archuleta tells Congress that neither she nor anyone else at OPM should be held personally responsible for a breach of agency computers in which the personal information of millions was stolen.
The National Institute of Standards and Technology has issued new guidance, Special Publication 800-171, aimed at protecting federal data that's stored and processed on information systems outside the federal government.
The U.S. Office of Personnel Management breach continues to reveal such staggering levels of information security problems, paper-pushing and seeming incompetence that it's creating a new cyber-espionage category: the "victim-as-a-service" provider.
Wipro has developed a fraud detection model for improved risk management using big data analytics. Can CISOs leverage it to reduce risk, enhance process efficiency and refine fraud detection algorithms?
Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
A new Obama administration cybersecurity initiative isn't placing new burdens on federal government agencies; it's aimed at getting them to comply with recommended safeguards they've failed to implement.
The investigation into the U.S. Office of Personnel Management breach has reportedly found that foreign spies may have stolen deeply personal information on up to 14 million current and former federal workers, going back three decades.
Hackers are using medical devices as gateways to launch targeted attacks at hospitals, but there are steps organizations can take to better protect their environments, says Greg Enriquez, CEO of TrapX.
Larry Ponemon, founder of the Ponemon Institute, offers an in-depth analysis of the results of the organization's 10th study of the costs of data breaches, which found, for example, that rapid growth in hacker attacks is leading to escalating costs.
Healthcare organizations' disaster recovery plans typically don't include steps to deal with looting incidents. But the April riots in Baltimore serve as a reminder that unexpected violence can result in health data breaches.
Rather than taking specific steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says Lance James of Deloitte & Touche.