Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
A report on the verbal combat between Hillary Clinton and Donald Trump over whether the Russian government is using hacks to influence the U.S. presidential election leads the latest edition of the ISMG Security Report. Also, an update on Dropbox's new password protection strategy.
Verizon is reportedly awaiting the full results of a digital forensic investigation into the record-setting Yahoo data breach to ascertain whether it will revise its $4.8 billion bid to buy the search firm. Did the breach have a "material impact" on Yahoo's business? That's the question.
Nine technology companies have recently founded the Vendor Security Alliance (VSA), an independent, non-profit coalition that aims to help member companies evaluate or assess the security and privacy of third-party providers whom they heavily rely on and even entrust their users most important data with. They also...
If you look beyond the political bickering and study the cybersecurity platforms that presidential candidates Hillary Clinton and Donald Trump have posted on their campaign websites, you'll see that their approaches are similar in some respects.
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
In a rare case of potential breach accountability, Verizon is reportedly demanding a $1 billion discount to acquire Yahoo as a result of the search giant's failure to more rapidly spot a data breach that compromised at least 500 million users' accounts.
Because the legal relationships between healthcare organizations can be very complex, it's not always crystal clear when business associate agreements should be in place to help safeguard patient data, says privacy attorney Adam Greene. He explains the legal issues in this in-depth interview.
Britain's privacy watchdog agency has slammed the telecommunications company TalkTalk with a record fine of £400,000 ($511,000) for multiple information security failings that allowed a hacker to bypass access controls and exfiltrate customer data "with ease."
Britain has launched a new National Cyber Security Center to help U.K. organizations better respond to cybersecurity incidents. But Brexit is imperiling intelligence-sharing arrangements that help the U.K. battle attacks and track cybercriminals.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?