A breach is a disaster, says business continuity specialist Ken Schroeder. So organizing an effective breach-response team does not require a reinvention of the wheel. What it does require is a holistic approach.
Save Mart, the Modesto, Calif.-based grocery chain, now confirms that skimming devices are to blame for the data breach believed to have exposed hundreds of consumer accounts to debit and credit card fraud.
Breaches have an adverse impact on the fundamental operations of a business or government and without fully understanding that, executives and managers cannot smartly run their operations successfully.
A string of data breaches in recent months has put the spotlight on the need to take adequate precautions to protect sensitive information. From hackers issuing phony digital certificates to million of patients having their records potentially exposed as a result of lost or stolen backup files, breaches point to the...
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
A federal appeals court has ruled in favor of victims of the 2007 Hannaford data breach. Attorney Ronald Raether explains the ruling and what it potentially means to future breached entities and their customers.
Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal healthcare regulators, explains why she's frustrated by delays in rolling out new regulations to protect electronic health records and safeguard the exchange of patient information.
Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
It's a corporate account takeover scheme - with a twist. The scam involves money mules and distributed denial of service attacks. "This is an entirely different scenario," says Mike Smith of Akamai Technologies.