A new report from California's attorney general says failure to implement 20 critical security controls constitutes a lack of "reasonable security." So, could failure to adopt controls pose a legal threat to organizations? Perhaps, under certain circumstances.
The Internal Revenue Service, for the second time since August, has revised upward the number of accounts victimized in its Get Transcript breach, with the tax agency saying the personal information from as many as 724,000 taxpayers' accounts may have been stolen.
It's been just over a year since health plan Anthem Inc. reported a record-breaking hacker attack affecting nearly 79 million individuals. A number of key lessons have emerged from that breach that other organizations can apply to improve their own data security.
As the debate intensifies over Apple's refusal to help the FBI crack the iPhone password of one of the San Bernardino shooters, Rep. Will Hurd says Congress should not rush to enact legislation that would require technology companies to weaken encryption. Hurd chairs a subcommittee with cybersecurity oversight.
To boost security and eliminate the need for passwords, MasterCard plans to later this year roll out a facial biometrics app for authentication of online purchases. But some experts warn that biometrics technology is not fool-proof and should only be deployed as part of a layered authentication approach.
Think it's tough now for the government to compel Apple to retrieve encrypted data from a locked iPhone? According to news reports, Apple is busy creating new devices and services that will be even harder to hack.
Tim Cook says he found out about the court order to help the FBI break into the iPhone of one of the San Bernardino shooters from the press. "I don't think that something so important to this country should be handled that way," the Apple CEO says.
The re-emergence of the mobile banking Trojan known as Acecard, which is now threatening a broader range of targets worldwide, highlights the growing risks associated with Android devices and the need for banks and mobile app developers to do more to protect users' accounts.
A cyber insurer is offering premium discounts to organizations that have implemented the Healthcare Information Trust Alliance's Common Security Framework, seeing that as a sign that they are managing their risks.
None of the major presidential candidates unequivocally backs Apple in its privacy vs. security battle with the U.S. government over its refusal to help the FBI crack the password of the iPhone of one of the San Bernardino, Calif., shooters. Hear what each of the candidates has to say.
The war of words continues to heat up between the Justice Department and Apple over the FBI's request that the technology provider help it unlock an iPhone seized during the San Bernardino shootings investigation.
With word of her retirement, Donna Seymour received criticism and praise for her work in response to the hack of the agency's computers that exposed the personal information of 21.5 million individuals.
Leading banking Trojans are expanding their targets, taking aim at industries outside banking to compromise financial accounts and other information, new research shows. And the botnets are proving difficult for law enforcement officials to take down.
While hacker attacks increasingly pose threats to electronic patient data, yet another healthcare provider has reported a major breach involving the improper disposal of paper and film records. The number of individuals being notified makes this the biggest reported health data breach of its kind.
Security experts warn enterprises to patch the serious "glibc" domain name system flaw now, with one likening it to a "skeleton key" that could be used against all systems and Internet of Things devices that run Linux.