Armed with stolen personal data, cybercriminals can easily bypass conventional identity authentication methods. So how can organizations strengthen authentication without harming customer experience? Shaked Vax of IBM Security shares insights.
Traditional approaches to authentication can't work effectively in a digital environment where customers and partners are interacting from multiple vectors. Evan O'Regan of Entrust Datacard discusses how to remove friction - and fraud - from the process.
Facebook says up to 87 million people may have had their personal details transferred to voter-profiling firm Cambridge Analytica. The figure includes 17 million people in nine countries outside the U.S., potentially intensifying regulator scrutiny of the social networking site.
The New Jersey state attorney general has smacked a medical practice with a $418,000 penalty for a 2016 HIPAA breach involving a vendor's misconfigured server. The case is the latest example of the risks posed by vendors.
Should federal regulators provide physicians with a free pass from having to conduct a HIPAA risk analysis or face a random HIPAA compliance audit if they implement a cybersecurity framework? That's what the AMA is proposing. Security experts weigh in with reactions.
Facebook CEO Mark Zuckerberg says the social networking company is already complying with parts of Europe's GDPR privacy legislation, but it won't comply with all of its requirements worldwide. Zuckerberg's comments are likely to rile critics following the uproar around voter-profiling firm Cambridge Analytica.
Panera Bread appears to have failed to fix a customer data leak for more than eight months after getting a heads-up from an independent security researcher. Here's what others should learn from the bakery café chain's mistakes.
Panera Bread is warning that information on 10,000 customers has been inadvertently exposed. The data leak, however, persisted despite the company being alerted to the problem eight months ago, and there are signs that the victim tally may be much higher.
Russian national Yevgeniy Nikulin, 30, has been extradited to the U.S. from the Czech Republic to face charges that he hacked LinkedIn, Dropbox and Formspring, offering at least some stolen data for sale.
Processing and parsing intelligence from all sources - external and internal, structured and abstract - across three important categories is essential to a proactive, predictive threat intelligence framework, says Verizon's Ashish Thapar
CISOs increasingly are summoned to present to their Boards of Directors. But too often these presentations fail to frame the right topics with the right metrics, says Jacob Olcott of BitSight. He offers advice for maximizing the opportunity in front of the Board.
Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde of the IT risk consultancy ProVise Consulting, who offers implementation tips.
Organizations need to carefully assess - and then verify - the data security controls their existing - and prospective - vendors have implemented, says privacy and security expert Rebecca Herold, who offers a range of vendor management tips in an in-depth interview.