The general feeling is that having a lot of services is a strategic differentiator that helps attract and retain customers. While there may be some truth to that line of thinking, there are also some unspoken risks.
Malware attacks against retailers are becoming more common. Many breaches linked to these attacks could be prevented, experts say, if merchants took more steps to lock down networks and point-of-sale devices.
Payment data and personal information are both attractive targets for criminals, says breach investigator Erin Nealy Cox of forensics firm Stroz Friedberg. Learn why she says card data isn't the only lucrative target.
In light of evolving fraud threats, financial institutions increasingly are turning to two-factor authentication solutions. Alex Doll, CEO of OneID, offers advice to help institutions make the right choices.
Mark Weatherford, who recently stepped down as DHS deputy undersecretary for cybersecurity, says that although planned OpUSA DDoS attacks may initially be a nuisance, they represent a genuine long-term threat to the government.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
If the hacking community judges the planned OpUSA cyber-attack a success, it could spur more nefarious actors to try more vicious disruptions of U.S. websites, a Department of Homeland Security alert says.
In assessing the risk of a distributed-denial-of service attack, organizations must think beyond shoring up systems' perimeters and concentrate on analyzing cyberthreat intelligence, Booz Allen Hamilton's Sedar Labarre says.
In this week's breach roundup, read about the latest incidents, including a class action lawsuit against a VA hospital following the loss of a laptop and the discovery of records in an abandoned mental health facility.
Anonymous says its OpUSA attack planned for May 7 aims to 'wipe' government and banking websites from the Internet. Security experts say the threat is real, but are U.S. organizations taking it seriously?
When a financial institution experiences a distributed-denial-of-service attack or other cyber-attack, what details must they report to the SEC? The American Bankers Association's Doug Johnson explains.