After nearly 2Â½ months on the job, federal Chief Information Officer Tony Scott was reluctant to offer Congress a detailed assessment of the quality of agencies' information security until reviewing results of pending "CyberStat" reviews.
To better secure enterprise networks, as well as detect and respond more rapidly to data breaches, businesses need to know the who, what, where, when and why of all endpoints that connect to network resoruces, says ForeScout's Sandeep Kumar.
Federal regulators have hit a small Denver pharmacy with a $125,000 penalty for a 2012 breach involving improper disposal of paper patient records. It's the second such HIPAA-related penalty within a year tied to improper records dumping.
A report that Russian hackers read President Obama's email correspondence raises further questions about White House cybersecurity, say IT security experts, who offer insights on protecting White House systems.
For the first time, a foreigner has been convicted and sentenced in a U.S. court for hack attacks that resulted in the theft of U.S. intellectual property. But will the action have the intended deterrence effect?
(ISC)Â² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?
The Department of Defense has unveiled an updated cybersecurity strategy that officially acknowledges for the first time that the U.S. military is willing to use cyberwarfare to defend U.S. interests against cyber-enemies.
A class-action suit filed by U.S. banks and credit unions that's pending against Target could prove fruitful for the banks and credit unions, says attorney Chris Pierson, chief security officer at invoicing and payments provider Viewpost.
A group of financial institutions affected by the 2013 Target data breach is asking a court to stop the settlement between the retailer and MasterCard that would provide $19 million to card issuers, saying the amount is grossly inadequate.
A breach at St. Vincent Medical Group in Indiana is the latest example of a healthcare organization falling victim to an apparent upswing in phishing attacks targeting employees. And it was the third data breach for the provider organization.
In conducting due diligence, investors spend more time than ever assessing the cyber-risk posed by the company targeted for acquisition, says Jacob Olcott, VP for business development at Bitsight Technologies.