Does your organization really have a clear idea of what measures your business associates are taking to safeguard your most sensitive data? Yet another breach, this one affecting Arkansas Blue Cross Blue Shield, points to the risks.
At a hearing on the role the Interior Department played in a recent breach at the Office of Personnel Management, the Interior deputy inspector general painted a picture of how a hacker might have breached the agency's computer system.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
MasterCard is testing a smartphone app that lets users approve online transactions using facial recognition, via the equivalent of taking a selfie. But could such technology be spoofed, and will it reduce card fraud?
President Obama proposes spending more money on cybersecurity, replacing government agencies' antiquated, unsecured systems. But what really needs to be done to thwart breaches, like the hack attack against the Office of Personnel Management?
The recent string of hacker attacks in the healthcare sector is a reminder of the need for organizations to re-assess whether they're following best practices to secure remote access to sensitive data, says security expert Gary Glover.
John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center, is among the expert speakers who will be offering insights at the inaugural Healthcare Information Security summit in Boston this week. See what else is on tap.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Inspector General Russell George says hackers would have had a tougher time breaching the IRS "Get Transcript" system if the agency had implemented IG recommendations, but he stops short of saying the safeguards would have prevented the hack.
The method the Internal Revenue Service used to authenticate users, which failed to keep sophisticated hackers from breaching a taxpayer-facing system, has been widely criticized by cybersecurity experts.
It's no surprise that virus-wielding hackers are exploiting Internet of Things devices. Blame too many device manufacturers rushing products to market, skimping on secure development practices and failing to audit the third-party code they use.
This year's Infosecurity Europe conference in London is offering a top-notch range of sessions, ranging from how to battle cybercrime and social engineering to building a better security culture and workforce. Here's my list of must-see sessions.
Caffeine junkies are up in arms over reports that criminals have been targeting their Starbucks account balances. But the real story is poor password-picking practices by consumers, and Starbucks' lack of multi-factor authentication.
What is the Identity Ecosystem Framework, and why is it so important for security professionals to embrace? Kimberly Little Sutherland of LexisNexis Risk Solutions shares insights on the future of online identity.
In the four years that he led the National Strategy for Trusted Identities in Cyberspace, Jeremy Grant says he saw significant progress in the use of new forms of authentication - yet widespread acceptance remains years away.