Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.
With roughly six months to go before the GDPR enforcement deadline, Petter Nordwall and Anthony Merry of Sophos says it's time for organizations to assess whether "They need to panic a little, or they need to panic a lot."
Federal regulators are reminding healthcare entities and business associates of the serious security and privacy risks that terminated employees can pose and offering advice for mitigating those risks.
A trio of Democratic senators is pushing for passage of a U.S. national data breach notification law. Data breach expert Troy Hunt tells lawmakers that data breaches will only get worse. But will Congress, which has rejected similar measures, enact this latest proposal?
The lack of skilled personnel is hampering incident response, but automation can help, says Mike Fowler of DFLabs. Providing responders with "playbooks" for step-by-step incident response processes, for example, is essential, he contends.
Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
A commentary on the need for developers to be more deliberate in securing IT products leads the latest edition of the ISMG Security. Also featured: A report on Congress tackling voting machine security.
Credit unions offer unique services to a unique member base - and they face unique challenges when rolling out multifactor authentication across all of their banking channels. Michel Nerrant of Crossmatch discusses how new biometric solutions can meet CU needs.
Beleaguered ride-sharing service Uber has informed Britain's privacy regulator that 2.7 million U.K. riders and drivers had personal details exposed by the massive 2016 data breach that it covered up for a year.
Apple's latest desktop operating system, High Sierra, has a massive vulnerability that allows anyone to create, without a password, a "root" account that has access to all files on the computer. It's the third authentication-related fumble found in High Sierra since its general release in September.