Premera Blue Cross already is facing five class action lawsuits in the wake of its massive data breach. Meanwhile, its CEO has provided some answers to questions posed by a U.S. senator regarding the hacker attack.
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?
The House Intelligence Committee has approved cyberthreat information sharing legislation that its leaders developed. Meanwhile, a national data breach notification bill has been introduced that's modeled on language proposed by the White House.
Efforts by some Democratic members of a House subcommittee to amend a national data breach notification bill so that states could retain tougher data security requirements have failed. The measure now advances to a full committee.
Add the Protecting Cyber Networks Act to the growing list of cyberthreat information sharing legislation pending before Congress. Lawmakers are now considering four measures, all designed to help thwart data breaches.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
A draft of cyberthreat data sharing legislation from Rep. Mike McCaul is "marginally better" in regards to privacy protections than a measure that passed the Senate Intelligence Committee earlier this month, a privacy advocacy group says.
Witnesses testifying at a House hearing offered divergent views on the language of legislation to nationalize data breach notification, showing the challenges lawmakers face in crafting a bill that can pass Congress and be signed by the president.
Web.com won't confirm or deny that its Register.com subsidiary, which manages more than 2 million domain names, has been breached. But a news report claims the FBI is investigating a year-old intrusion.
A bill to be introduced by Rep. Mike McCaul would designate DHS's National Cybersecurity and Communications Integration Center as the portal for sharing cyberthreat information. The measure will spell out liability safeguards for those sharing data.
The addition of the Anthem Inc. hacking incident to the federal tally of major health data breaches triples the number of breach victims tracked since 2009. And the tally likely will soon include more hacking incidents, based on recent reports.
A proposed national data breach notification bill to usurp 47 state statutes could make it easier for businesses to notify consumers of a breach. But is that worth weakening PII protections some states offer? Massachusetts plans to do battle.