To avoid having their organizations exploited by teenage hackers, boards of directors worldwide need to get serious about security. Here are five lessons to be learned from the latest TalkTalk data breach.
In this video interview, Mike Weber of Coalfire Labs discusses ways that healthcare organizations can develop strategies for easily sharing patient data among clinical professionals using a variety of devices while protecting that data from attackers.
The insider threat is one that organizations often want to overlook. But it's hard to ignore when they are losing critical assets. Lockheed Martin's Douglas Thomas tells how to sell an insider threat program.
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.
If there's one thing federal regulators want to drill into the heads of covered entities and business associates about data breach prevention, it's this: Stop procrastinating, and conduct a risk analysis and encrypt most of your computing devices right away.
The U.S. Office of Personnel Management promises that it will soon notify 21.5 million individuals that their background-check information was breached. Meanwhile, the government has lined up notification and response services for future needs.
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
CISOs who want to keep more cyber-attacks from succeeding should focus on decreasing the half-life of vulnerabilities, which refers to the amount of time it takes half of all systems affected by a vulnerability to get patched. That's the advice from Qualys' Wolfgang Kandek.
Carilion Clinic, a Roanoke, Va.-based network of hospitals and outpatient facilities, has fired or disciplined 14 employees over a problem common at many healthcare organizations: patient record snooping. Experts discuss how to tackle the challenge.
Blue Coat CTO Dr. Hugh Thompson speaks about the future of security, the constants that need attention, and lessons to be learned from the U.S. when it comes to writing meaningful breach notification laws.
Visa and Target have reached an agreement that reportedly will reimburse card issuers a total of up to $67 million for fraud losses and expenses tied to the retailer's 2013 breach, which exposed some 40 million payment cards.
The recent FDA alert advising healthcare organizations to stop using a line of infusion pumps because of cybersecurity flaws, coupled with earlier guidance from the agency, will lead manufacturers to be more focused on risk management, predicts attorney Anna Spencer.
In a security landscape where the frenetic pace of technology has changed paradigms in ways organizations are struggling to cope with, Blue Coat's Hugh Thompson advises adopting a 'Degrees of Freedom' approach.