The director of the National Security Agency, Navy Admiral Michael Rogers, says he expects to see adversaries launch a cyber-attack in the next few years aimed at severely damaging America's critical infrastructure.
Cybersecurity specialists need to learn to think like an adversary in order to develop sound defense strategies, says Greg Shannon, chief scientist at the CERT Division of Carnegie Mellon University's Software Engineering Institute.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
Comptroller of the Currency Thomas Curry says "it's only fair" that merchants should be responsible for some of the expenses that result when their systems are breached. Now, security experts consider the implications of his comments.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
The debate between leading retail and banking associations over accountability for card fraud has heated up in recent weeks. One retail group now says claims about merchant security and fraud liability have been misstated.
In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
In the wake of the JPMorgan Chase breach, which exposed personal information about millions of consumers and small businesses, banking leaders say they're increasingly concerned about cyber-attacks and geopolitical threats.