As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts.
Community banking institutions are at great risk of cyber-attack because they often don't think they're targeted, says Scott McGillivray of Pacific Continental Bank, who describes how to convey this risk to senior management.
A bill to be introduced by Rep. Mike McCaul would designate DHS's National Cybersecurity and Communications Integration Center as the portal for sharing cyberthreat information. The measure will spell out liability safeguards for those sharing data.
Microsoft has revoked a fraudulent SSL digital certificate issued in the name of its Finnish Windows Live service. But security experts warn that some software may "trust" the certificate for years, so it could be exploited in phishing campaigns.
More hackers are holding data for ransom, demanding everything from bitcoins to the shutdown of nuclear reactors, under the threat of leaking sensitive information. But it's not clear how many such attacks generate revenue for attackers.
In the wake of the hack of U.S. insurer Anthem, security experts say Indian businesses are also at risk from such attacks, and may already have been breached. Here's how businesses everywhere must respond.
As the next wave of medical school graduates begins clinical training at healthcare organization across the U.S., it's critical these new clinicians be prepared to protect patient privacy, says healthcare attorney and professor Julie Agris.
Although breaches affecting U.S. retailers are widely reported, Verizon's new PCI Compliance Report shows increases in the theft of payment card data and other personal information span numerous industries in all international markets.
Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
West Virginia United Health System is taking a multi-step approach to thwarting insider threats, including aggressive analysis of access audits, says assistant CIO Mark Combs, who helps lead the system's privacy and security efforts.
The latest annual Office of Management and Budget report to Congress on agencies' FISMA compliance shows IT security is complex and tough to effectively implement, with authentication, in particular, a challenge.
"Align technology with businesses" is an old phrase. But information security is now part of this change, making strides to align with growth as a business enabler. Enter: the converged technology operations center.
Weaponized roller coasters? Kidnappers hacking babycams? Forget over-the-top "CSI: Cyber" hacking plots. The hackers behind the Rogers ISP breach, in their quest for bitcoins, claim they wielded nothing more serious than a telephone call.
The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.