Outdated policies, lax regulatory oversight and bureaucracy have stunted more advanced cybersecurity investments at some organizations that provide the nation's critical infrastructure, says Brian Harrell, the former director of critical infrastructure protection at the North American Electric Reliability Corp.
Today's cybersecurity industry is far too focused on keeping bad guys out, says Chris Pierson of Viewpost. Organizations need to pay more attention to keeping data inside the enterprise, he says, describing how to make the shift to a focus on limiting exfiltration.
Kmart has suffered a data breach affecting "some, not all" of its 735 U.S. locations as a result of its point-of-sale systems being infected by malware designed to siphon payment card data. The retailer described the malware as "undetectable by current anti-virus systems and application controls."
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
In an in-depth interview about a new study that identifies thousands of vulnerabilities in cardiac devices, security researcher Billy Rios calls on manufacturers to more carefully consider the compromises they make in balancing the usability benefits to patient care versus the cybersecurity risks.
Two security researchers are attempting to crowdfund a recurring subscription fee to Shadow Brokers' monthly exploit dump club in hopes of helping to prevent or blunt future outbreaks of the WannaCry variety. Cue ethical debate.
Businesses are suffering from an influx of too much security technology packaged into too many solutions offered by too many vendors, says former RSA Chairman Art Coviello, who claims the proliferation of products isn't helping improve cybersecurity.
A cyber-espionage campaign apparently linked to Russia has targeted more than 200 people in 39 countries and leaked victims' stolen information - sometimes in altered form - as part of a disinformation campaign, according to privacy researchers at Citizen Lab.
Cyber-intelligence expert Tom Kellermann sees a growing hostility in cyberspace, and he fears a new wave of advanced threats aimed not just at committing crimes, but at breaching critical infrastructure. Who are the top threat actors, and what are their key targets?