A recent interview about why retailers say EMV without the PIN is a fruitless fraud-fighting effort has spurred debate among retailers and bankers. In the end, though, bankers' resistance to PIN is all about time and money.
As the 114th Congress convenes this week at a time of growing public awareness of security breaches, it's expected to consider cyberthreat information sharing measures. But can the White House and Congress resolve past differences over the legislation?
As healthcare organizations step up their efforts this year to exchange more patient data with others to improve care, it's urgent that they address the "significant risks" involved, says Erik Devine, chief security officer at an Illinois hospital.
After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
In the wake of a data breach that followed a routine regulatory, a former regulator is asking why the agency failed to disclose the breach sooner, and why it has not accepted more responsibility for its error.
The response by Sony Pictures Entertainment executives to the hack attack against their company provides a number of great examples for how to not to handle a data breach. Here are 7 key mistakes they made.
A federal judge has denied Target's motion to dismiss a consolidated class action lawsuit filed on behalf of consumers affected by the retailer's December 2013 data breach. The move follows a similar ruling regarding a class action lawsuit involving banks.
Without ceremony, President Obama has signed five cybersecurity-related bills, including legislation to update the Federal Information Security Management Act, the law that governs federal government IT security.
Legislation approved by Congress seeks to cement the long-term role of the National Institute of Standards and Technology in working with industry to develop cybersecurity best practices that critical infrastructure operators can voluntarily adopt.
Congress this week passed four cybersecurity bills, and a commonality among all of the measures is that they strengthen the Department of Homeland Security as a cybersecurity force within the federal government.
For the first time in a dozen years, Congress has passed and sent to President Obama for his expected signature major cybersecurity legislation, including a bill to update the law that governs federal government IT security.
Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
Like the Target breach a year ago, the Sony Pictures Entertainment hack that's grabbed recent headlines will prove to be a catalyst for change, grabbing the attention of CEOs and board members and spurring them to beef up information security.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.