To prevent leaks, the National Security Agency is considering a number of measures, including reducing the number of systems administrators it employs, Director Keith Alexander tells a House committee.
When it comes to breach prevention, many organizations are improving their own security posture, but neglecting that of their strategic partners.
It's a wide gap that far too few organizations even recognize, says Tom Kellermann, vice president of cybersecurity at Trend Micro.
The FDA has issued draft guidance urging medical device makers to develop cybersecurity controls. It has also released tips for how healthcare organizations can mitigate cybersecurity risks to devices.
The information security industry needs to hit rock bottom, says Akamai's Joshua Corman. And then - to truly improve information risk management - it needs to develop a new, adversarial view of the world.
When it comes to breach prevention, many organizations are improving their own security posture, but neglecting that of their strategic partners. Trend Micro's Tom Kellermann outlines third-party risks.
In an interview about virtual supply chain threats, Kellermann discusses:
Supply chain gaps organizations...
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
Gov. Andrew Cuomo says policyholders' health, financial and personally identifiable information stored by insurers could be the next big target of hackers, so the state is seeking cyber-protection information from top insurers it regulates.
In this week's breach roundup, read about the latest incidents, including a hacker pleading guilty for his role in the 2011 breach of Strategic Forecasting Inc., a global intelligence firm, that affected about 860,000 individuals.
Congress is highly unlikely to enact new laws to require industry to adhere to cybersecurity regulations. But that hasn't stopped a fierce debate among lawmakers and security experts on the value of such rules.
A distributed-denial-of-service attack in Europe highlights the need for Internet service providers to implement security best practices to prevent future incidents and protect their users, ENISA's Thomas Haeberlen says.