An incident involving HIV information being potentially visible through envelope windows on thousands of letters mailed to members of Aetna's pharmacy benefits plans is an important reminder that even routine mailings present privacy risks.
Analyzing Donald Trump's cybersecurity policy seven months into his administration highlights the latest edition of the ISMG Security Report. Also, Cybersecurity Coordinator Rob Joyce disses Kaspersky Lab on network TV.
The never-ending stream of bad information security news is fueling a virtual gold rush for companies offering protection. A new report from Forrester predicts a healthy growth rate over the next five years, with some specific technologies expected to see double-digit growth.
A judge has designated the case against Marcus "MalwareTech" Hutchins, who's been accused of creating and selling the Kronos banking Trojan, as "complex" after his defense requested more time to review chat logs, malware samples and other evidence submitted by prosecutors.
Extradited Canadian national Karim Baratov, who's been accused of helping the Russian intelligence officers who allegedly ordered up the hacking of 500 million Yahoo users' accounts, pleaded not guilty to related charges in a San Francisco federal courtroom.
There's another option for governments trying to overcome the end-to-end encryption barrier: buy a zero-day software exploit. One prominent zero-day broker, Zerodium, has added encrypted messaging apps to its bounty list.
With claims of wanting to dispel "the myth about doping-free football," the Russian-linked hacker group Fancy Bear has released health records related to alleged drug use of more than 150 soccer players worldwide. What's the message they're sending?
Crew error - not hacking - remains the most likely explanation for this week's deadly collision between a U.S. Navy guided-missile destroyer and a merchant oil and chemical tanker off the coast of Singapore, experts say.
Hiring managers will need to get increasingly creative to find talent to fill their vacant information security positions, particularly in a shallow talent pool that is forecasted to get even thinner. Experts in the hiring trenches offer seven key tips to consider.
Delaware has become the second state - the first was Connecticut - to require organizations to provide residents one year of free credit monitoring services if their sensitive personal information is compromised in a data breach. Will other states take similar action?
EDR (endpoint response and detection) products are powerful tools that provide a play-by-play of exactly what happened on a computer during and after an attack. But the products require the right expertise to get the most value, a Gartner analyst says.
Canadian Karim Baratov will be extradited to the United States after waiving his right to an extradition hearing. He's accused of being a "hacker for hire" for the Russian intelligence agents who allegedly perpetrated the 2014 Yahoo hack that resulted in 500 million user accounts being exposed.
Could proposed legislation force manufacturers and healthcare entities to put more effort into bolstering the cybersecurity of medical devices? In an interview, cybersecurity expert Joshua Corman provides in-depth analysis on the movement to improve the state of medical device security.
The latest ISMG Security Report leads with information security guru Ron Ross discussing changes coming to the National Institute of Standards and Technology's catalog of IT security and privacy controls. Also, challenges facing an upgraded U.S. Cyber Command.