A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital certificates that were issued by Symantec before June 1, 2016.
It isn't a specific product to be purchased and deployed, but RSA's concept of business-driven security is a new strategy to help improve communication between the operations and risk managers within security organizations. RSA's Ben Smith describes how to start.
Only 38 percent of banking/security leaders have high confidence in their organization's ability to detect and prevent fraud, according to the latest ISMG Faces of Fraud Survey. John Gunn of VASCO Data Security weighs in on how to improve that confidence.
The notion of patching the most critical vulnerabilities is outdated and ineffective thanks to today's black market for exploit kits, says Kevin Flynn of Skybox. Evaluating the exposure and context of holes in your organization is crucial to shoring up defenses, he says.
The new cyber regulations from the New York Department of Financial Services apply to far more than just major New York-based banks, explains Paul Bowen of Arbor Networks.
The Russian cyber espionage group known as Pawn Storm, which has been around since 2004, has shifted gears to focus on cyber propaganda efforts, and security professionals need to be aware of the changing threat, says Ed Cabrera of Trend Micro.
Many organizations are uncertain about the overall effectiveness of their security strategy because they are still in the dark about aspects of their risk posture, says Brian Soldato of NSS Labs. Conducting a few pen tests a year is not enough, he stresses.
A detailed analysis of the Equifax breach highlights the latest edition of the ISMG Security Report. Also, an update on Russia exploiting social media to influence the 2016 presidential vote.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.
The massive Equifax data breach has already led to the filing of more than 30 lawsuits against the data broker - one demanding up to $70 billion in damages. At least five state attorneys general have launched formal investigations, while several Congressional committees have promised hearings.
In the age of ubiquitous mobility, customers' expectations have evolved - and so must an organization's approach to authentication and transaction security, says Will LaSala of VASCO Data Security.
A 10-digit PIN used by consumers to freeze access to credit reports with Equifax is based on dates and times, several observers have noticed. Equifax says it plans to change how the PIN is generated, but experts say it's another troubling development for a troubled company.
Could the class action lawsuit filed against CareFirst Blue Cross Blue Shield be the first data breach case headed to the Supreme Court? A recent ruling by a federal court makes that a possibility.
In the wake Equifax saying hackers may have stolen 143 million consumers' personal details, the company is already facing sharp questions over the robustness of its security defenses as well as reports that three executives sold stock after the breach was discovered, but before the news became public.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
