IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
Improved collaboration and communication between small businesses and financial institutions is the first step toward improving online security, says Mark Patterson, an ACH fraud victim. What else would help?
Security managers need the heads up from non-IT executives before they dismiss employees, some of whom might seek payback for their sacking by pilfering data or sabotaging systems, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
Cyberhackers are increasing their efforts to target online credentials. And phishing attacks waged against accountholders at Chase in the U.S. and Barclays in the U.K. have made it clear that banking accounts are the target.
A 17-year-old was slapped with a 60-day jail sentence after he was busted for skimming credit and debit details while working the drive-thru window at a McDonald's restaurant in Olympia, Wash.
Global organizations easily can be confused by the myriad privacy laws in different regions of the world. But U.S. privacy attorney Miriam Wugmeister has advice to help navigate these tricky waters.
These new sites now make Information Security Media Group the largest global network of information security-focused media sites, reaching the most diverse audience of decision-makers in each of ISMG's key markets.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012.
If management awareness of information security issues increases, will an organization's commitment to securing practices and policies also increase? This is the question answered by an eye-opening new study.
The firing of a hospital staff member who inappropriately accessed former Penn State football coach Joe Paterno's records sends a strong signal about the importance of protecting patient privacy.
Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
It's one thing to have a data breach response team. It's quite another to ensure that team is made up of savvy personnel, says Brian Dean, a former privacy executive for KeyBank.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.