CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.
Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde of the IT risk consultancy ProVise Consulting, who offers implementation tips.
Organizations need to carefully assess - and then verify - the data security controls their existing - and prospective - vendors have implemented, says privacy and security expert Rebecca Herold, who offers a range of vendor management tips in an in-depth interview.
Malaysia's central bank, Bank Negara Malaysia, says it detected and successfully blocked an attack that attempted to steal funds via fraudulent SWIFT interbank money-moving messages. The attack against BNM led the central bank of the Philippines to issue an alert to banks in that country.
Department store chains Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor have suffered a data breach that apparently exposed details on 5 million payment cards. Cybersecurity firm Gemini Advisory says the JokerStash syndicate - aka Carbanak gang - is selling the stolen card data.
What impact with the Facebook data privacy controversy have on the social media company, and other tech giants, eventually competing with banks? James Wester of IDC sizes up the open banking implications.
The European Union's General Data Protection Regulation will be enforced beginning May 25. Personal data must be protected or severe penalties may be imposed. Companies not located in the EU still need to prepare to comply with GDPR if they routinely execute transactions with EU citizens.
Under Armour says an unauthorized intruder gained access to information for the accounts of 150 million users of its MyFitnessPal mobile app and website. Learn why some fear the breach could lead to a massive phishing campaign.
Police have charged 20 Romanian and Italian nationals with running spear-phishing attacks that stole more than $1 million from online bank customers. Phishing remains a favored criminal technique for harvesting account credentials and cryptocurrency, as well as corporate secrets.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
The unauthorized deployment of an unsecured patient database is the latest instance of "shadow IT" spotlighted by a Department of Veterans Affair's watchdog agency. The incident serves as a reminder to all healthcare entities about the patient data risks posed by unsanctioned technology deployments.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
Ecuador's embassy in London has again revoked internet access for seven-year houseguest Julian Assange, saying the WikiLeaks chief violated an agreement to not interfere in other countries' matters. WikiLeaks' star has continued to fall since it's been revealed to be an apparent Russian stooge.