Virtually every industry is prone to cyberattacks, online fraud and identity theft. For years' banks have secured online transactions for commercial accounts and private banking customers via multifactor authentication. Now through organizations like the NCSA and HIMSS, multifactor authentication may finally become...
In January, banks and other financial services companies based in New York may have to comply with tough new cybersecurity requirements. But some critics contend that the state's regulatory proposal is far too prescriptive, making it challenging for banking institutions, especially smaller ones, to comply.
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
The National Health Information Sharing and Analysis Center aims to better engage smaller healthcare organizations in cyber threat information sharing, leveraging funds from two recent federal grants. Denise Anderson, president of NH-ISAC, describes the plans in this in-depth interview.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
The latest edition of the ISMG Security Report leads off with an analysis of the PCI Security Standards Council's new requirements that are designed to help thwart attempts to defeat encryption in point-of-sale devices.
In a rare case of potential breach accountability, Verizon is reportedly demanding a $1 billion discount to acquire Yahoo as a result of the search giant's failure to more rapidly spot a data breach that compromised at least 500 million users' accounts.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Commerce Secretary Penny Pritzker suggests that regulatory agencies should implement cyber threat information sharing programs with the businesses they regulate, not only to enhance their IT security, but to build a collaborative environment between the two, often adversarial sides.
The Yahoo breach - and the theft of unencrypted security questions and answers - is a reminder to use unique passwords and security questions, store them using a password safe and take advantage of two-factor authentication whenever it's available.
Hillary Clinton and Donald Trump ventured into new territory for their first presidential debate: cybersecurity. It marked one of the few subjects on which both candidates broadly agreed, although the exchange was marked with sharp jabs and an interesting attribution theory from Trump.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.