Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
The Obama administration's proposed fiscal 2017 budget yet again seeks additional funding for the long overdue HIPAA compliance audit program and a variety of other health data privacy and security efforts. But will Congress approve spending increases?
It's the 25th anniversary of the RSA Conference. What's planned for this year's landmark security event? Britta Glade, senior content manager for the conference, and Informatica CISO Bill Burns offer a preview of the RSA Conference 2016 in San Francisco.
Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.
Why should CISOs not report to CIOs? And why do CISOs need more direct lines of communication with CFOs? Chris Pierson, a cybersecurity attorney and CISO who'll be a speaker at RSA Conference 2016, provides answers.
While 2015 will be remembered as the year of major hacker attacks in the healthcare sector, most of the health data breaches added so far this year to the official federal tally have involved blunders by insiders. That's why infosec pros need to focus on more than just mitigating hacker threats.
President Obama is creating a federal CISO post as part of a multifaceted initiative aimed at strengthening the nation's IT security. His plan includes forming a public-private Commission on Enhancing National Cybersecurity and boosting government cybersecurity spending by 35 percent.
Even as the demand for security professionals grows, the outflow of practitioners from the profession is greater than the influx of fresh blood, says (ISC)Â² CEO David Shearer. How can this trend be effectively addressed?
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
The banking malware known as Carbanak continues to evolve, and cybercriminals are now using it to wage APT-style attacks against banks as well as companies in other sectors, according to security researchers at Kaspersky Lab.
Federal regulators are proposing changes to regulations governing the data privacy of substance abuse patients. Privacy experts disagree about whether the changes are necessary and practical, or potentially harmful.
Who is responsible for fraud losses resulting from business email compromise? Texas-based AFGlobal Corp. is suing its insurance firm to settle this question. Experts weigh in on the lawsuit and why cyber insurance rarely covers losses from these scams.
Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.
The rise in RFID-based contactless payment cards has led to increased concerns that fraudsters could wirelessly crack cards' secret cryptographic keys. But a team of MIT researchers has debuted defenses against such hack attacks.