The chairman of the U.S. Securities and Exchange Commission will face the Senate Banking Committee next week following the agency's belated disclosure that in May 2016, hackers stole secret market data from the SEC's systems and apparently used it for "illicit gain through trading."
Analyzing the impact of a breach of computers at the U.S. Securities and Exchange Commission leads the latest edition of the ISMG Security Report. Also, exploring alternative plans to implement cybersecurity regulations on credit reporting bureaus in the wake of the Equifax breach.
In today's dynamic threat landscape, "real-time" is the operative phrase - and it needs to apply both to threat detection and incident response, says Tim Bandos of Digital Guardian. What are the required security controls and tools?
Canada had been lagging behind the U.S. and some other nations in terms of breach notification regulations, but now it's catching up, says attorney Imran Ahmad, who explains new regulations that are going into effect.
Hackers behind the mega-breach at Equifax stole data in May, but they - or other attackers - penetrated the credit bureau's systems in March, exploiting a vulnerability for which Apache Struts had issued a patch, just four days prior.
A federal judge Tuesday dismissed three of six counts in a complaint filed by the U.S. Federal Trade Commission against IoT manufacturer D-Link that alleges its sloppy security practices deceived consumers. The FTC has until Oct. 20 to amend the complaint.
When creating a security action plan, not enough organizations include provisions for communicating with the police, says Kenrick Bagnall, a detective constable in the cybercrime unit of the Toronto Police Service.
Are organizations making the same security mistake with APIs today that they made with their websites 10 and 20 years ago? Jeffrey Costa of Akamai Technologies says yes and offers insight on securing and caching APIs.
Craig Gibson of Trend Micro has spent more than a decade researching the topic of security orchestration. He offers tactical advice for how organizations can best deploy their human resources to best maximize security across the enterprise.
Most organizations are good at collecting threat intelligence, but they struggle to operationalize it - and especially to use it for threat attribution. Arbor Network's Paul Bowen tells where organizations are commonly missing the mark.
A federal watchdog agency has announced it will scrutinize HHS's incident response capabilities as well as Obamacare's security controls. The agency has also issued a new report finding security gaps in Alabama's Medicaid information systems security.
Given the current threat environment, it's urgent that organizations add technical experts to their boards of directors to help ensure the development of effective cybersecurity strategies, says Art Coviello, retired chairman of RSA.
Securing a hybrid environment comes with inherent complexities - but there also are some misconceptions about security, says Tony Goulding of Centrify. He dispels the myths and sheds light on the new realities.