President Donald Trump's nominee to head the National Security Agency and U.S. Cyber Command, Lt. Gen. Paul Nakasone, faces two Senate committee hearings as part of his nomination process. He'll face questions on cyber defense, privacy and combating information warfare.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
Vendors play a critical role in supporting key business functions. As a result, companies need to take responsibility for managing their security and risk with the partners they choose, but current methods for managing that risk are inefficient.
A March 2018 study conducted by Forrester Consulting on behalf of...
Server-level protection from viruses and malware is essential, and PC-based tools won't cut it. Malware attacks are increasing, including ransomware like CryptoLocker, Locky, and zCrypt. Businesses know it's essential to protect PCs from malicious programs, but many don't realize the value of server-level protection...
Cloud usage continues to grow, which is no surprise. The cloud has enabled businesses to expand their capabilities via cloud servers or a hybrid approach of on-premises and cloud environments. What is surprising is how many organizations have developed a blind spot when it comes to cloud security, and these blind...
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A set of vulnerabilities in AMD chipsets that gives attackers enduring persistence on machines appears to be legitimate. But experts are questioning the motivations of the Israeli security company that found the flaws, contending it ambushed AMD to maximize attention.
While the director of the HHS Office for Civil Rights says HIPAA enforcement remains a top priority for the agency, obtaining enough resources to carry out its mission is an ongoing battle, says former OCR official Deven McGraw.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Penetration testing can help find vulnerabilities that aren't typically identified by scanning and other monitoring. But the testing comes with some risks, Duke Health CISO Chuck Kelser and pen tester John Nye explain in a joint interview.
The increasing number of organizations being hit by crippling mega breaches points to a deficiency in most standard endpoint security solutions. Today's evolving threat landscape requires that organizations not only employ next generation endpoint protection technology, but that they add an element of aggressive...
The U.S. Senate is considering a banking reform bill that would ban credit agencies' practice of charging for a credit freeze, one of the crucial steps experts say can help pre-empt identity theft. Lawmakers have been under intense pressure to create laws that better protect consumers following Equifax's data breach.