When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
A call center worker at the Connecticut health insurance exchange loses a backpack containing notepads containing sensitive consumer information. Investigators want to know why the paper-based information left the building.
Luxury retailer Neiman Marcus is searching for its first CISO following the company's major data breach last year. Security experts weigh in on the attributes of ideal candidates and offer advice for how they should tackle the job.
The British government aims to increase uptake of five essential security controls at U.K. businesses, backed by third-party annual audits and a badge of compliance. Many government contractors must comply.
Customers increasingly use digital channels to interact with organizations. But these interactions raise new security concerns that must be addressed by IAM solutions, says David Gormley of CA Technologies.
In the wake of the Heartbleed flaw, a researcher finds new weaknesses in OpenSSL that could be exploited to launch man-in-the-middle attacks, distributed-denial-of-service attacks and remote-code execution on millions of sites.
Although breach prevention may be on the minds of more CEOs and boards of directors in the wake of recent incidents, getting their buy-in for funding still requires educating them on the risks that could have an impact on the business.
A proposed UK computer crime bill would increase hacking penalties and criminalize cybercrime attacks that impact the economy, environment or national security. Proving related charges in court, however, could be difficult.
American Express is notifying about 77,000 California cardholders that their personal information and card data has been posted on various websites, with members of the hacktivist group Anonymous taking credit for the breach.
An ongoing APT campaign employs decoy documents to lure potential victims into installing malicious remote-control tools. Targets include at least one bank, the BBC and many U.S. and EU government agencies.