NIST plans next year to clarify certain provisions in its cybersecurity framework. "Just to be clear, we're not headed toward a version 2.0 right now," Program Manager Matt Barrett explains in an interview. "We're headed to something that's more like a 1.1."
The theft of an unencrypted laptop that may have contained information on up to 400,000 inmates who served time in California prisons has been added to the federal tally of health data breaches. Experts say notifying all those potentially affected could prove challenging.
TeamViewer is strengthening the security of its remote access application after an uptick in account takeovers that the company says is the result of hackers reusing account credentials from recent data breaches.
Will a federal appellate court ruling in favor of a Minnesota bank that sued its insurer for coverage of costs associated with a fraudulent wire transfer have a big impact on similar cases? Experts offer an analysis.
Asking how many different technologies consumers will tolerate when it comes to paying for their goods and services is a bit like asking how many more superheroes moviegoers will countenance in the latest "Avengers" film.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
The theft of a backpack holding a laptop computer and paper documents containing medical information on perhaps thousands of NFL players serves as a lesson in the importance of safeguarding all health information, even for entities falling outside of HIPAA's reach.
Russian police have arrested 50 people in connection with an investigation into a hacker group suspected of unleashing a five-year series of malware-enabled hack attacks on major Russian financial institutions and stealing $25 million.
A federal judge has cleared the way for a class-action lawsuit filed by card issuers against Home Depot over the retailer's massive 2014 payments breach to proceed. In making the ruling, the judge noted that the banks' allegations regarding the retailer's security negligence appear to have merit.
Since the theft of $81 million from the central bank of Bangladesh came to light in February, investigators have continued to probe similar SWIFT-related attacks against four other financial services firms, dating back to at least 2013.
MySpace has confirmed it is resetting millions of accounts affected by the release of 360 million usernames, email addresses and passwords. According to one expert, more of these types of big breach announcements may be coming.