Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
As precision medicine research advances, the medical community must take steps to address the privacy risks to sensitive genetic information that is shared among researchers, says Carlos Bustamante of Stanford University.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Starwood Hotels and Resorts has confirmed a point-of-sale breach, but card issuers say they don't believe the Starwood breach is isolated, and that fraud patterns indicate that another, perhaps larger breach, is impacting cards across the country.
NICE's Rodney Petersen sees too many government agencies and businesses using old-school methods to identify and recruit IT security professionals. Consequently, they often fail to build their cybersecurity staffs.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The moment a successful defense is deployed, attackers find new ways to break into networks. In this video interview, Dr. Dale Meyerrose describes the damage wreaked by APTs and the strategies organizations can use to keep attackers at bay.
Several recent data breaches involving email mishaps serve as a reminder of precautions that healthcare entities must take with protected health information contained in digital communications that are sent or received by their organizations.
The ruling to dismiss the FTC's data security case against medical lab LabMD will result in FTC staff more carefully vetting the enforcement cases the agency pursues against all other companies in the future, predicts former FTC attorney Reed Freeman.
A messy legal saga between the FTC and LabMD, related to a data security dispute, appears closer to ending with a significant win for the medical testing lab. What comes next in this hotly-contested case?
The terrorist attacks in Paris likely would have occurred even if intelligence and law enforcement agencies could have broken encryption Islamic State attackers used in their communications to plan the assault that killed at least 129 people.
In the wake of the Paris attacks, cybersecurity expert Brian Honan argues that now is not the time to make snap public policy decisions that attempt to promote or restrict either cryptography or surveillance.