"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
The FFIEC's Cybersecurity Assessment Tool needs to be redesigned, as the tool's current design sets institutions up for cyber-risk assessment failure. Industry leaders say they're hopeful that change is on the way because the FFIEC is reviewing a second wave of comments about the tool's efficacy.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
The shift to the EMV standard in the U.S. has drawn incredible media attention for more than a year as everyone witnesses the approach of the looming liability shift deadline. But what does it really mean for merchants, consumers, and hackers? I say the answer is actually very little, and in as few words as possible,...
BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
Blue Coat CTO Dr. Hugh Thompson speaks about the future of security, the constants that need attention, and lessons to be learned from the U.S. when it comes to writing meaningful breach notification laws.
An inspector general's memo that highlights three significant information security deficiencies that have plagued the U.S. Department of Labor for the past five years points out problems that most federal agencies confront.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Some federal lawmakers are concerned that passing a national data breach notification law would weaken security protections found in certain states' statutes. That's a major reason getting a national law enacted will prove difficult.