Crisis management expert Emily Mossburg discusses a new Deloitte study that shows why many organizations must reassess their approach to breach response to focus on what really matters: keeping the organization functioning.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
The theft of an unencrypted laptop that may have contained information on up to 400,000 inmates who served time in California prisons has been added to the federal tally of health data breaches. Experts say notifying all those potentially affected could prove challenging.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
Start preparing immediately for the EU's new General Data Protection Regulation - even though it doesn't go into force for two more years - because it mandates a number of new privacy and security requirements, warns cybersecurity expert Brian Honan.
LinkedIn failed to force all users to reset their passwords after a 2012 breach of at least 6.5 million credentials came to light. But it turns out the breach actually compromised 167 million accounts. Whoops.
Neither Australia nor New Zealand currently has laws on the books requiring organizations to notify people affected by data breaches. But both countries do say they are committed to introducing that requirement.
Today's threat actors are more focused, funded and disruptive than ever. But the cybersecurity defense industry is not built to respond appropriately, thought leader Tom Kellermann of Strategic Cyber Ventures says in this video interview. What are security leaders overlooking?
Ransomware, regulations, botnets, information sharing and policing strategies were just some of the topics that dominated the "International Conference on Big Data in Cyber Security" hosted by Edinburgh Napier University in Scotland.
Hacker attacks in the healthcare sector so far this year generally have targeted smaller organizations and affected fewer individuals, in contrast with last year's massive hacker incidents. For example, one of the latest victims is a small physician group practice in Texas.
The theft of $81 million from Bangladesh Bank was "part of a wider and highly adaptive campaign targeting banks," SWIFT warns its 11,000 customers. Investigators say signs point to the same attackers having hacked Sony Pictures Entertainment in 2014.
The federal tally of major health data breaches is littered with hundreds of incidents blamed on business associates that affected a total of tens of millions of individuals. But vendor involvement in breaches is probably actually a lot worse than what's reflected on the HHS tally.
Amidst finger-pointing over responsibility for the $81 million online theft from Bangladesh Bank, SWIFT has issued its first-ever information security guidance to banks, telling them that they're responsible for securing their own systems.