Gene Fay of Resilient Systems says the traditional method of solving risk issues through technologies no longer works. Instead, he says, security must be built on the foundation of an effective incident response plan.
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
Visa's Eduardo Perez says one of the key merchant vulnerabilities his company is most concerned about is weak remote-access controls for point-of-sale systems and devices. He offers risk mitigation advice in this exclusive interview.
Privacy advocate Deborah Peel, M.D., is worried that several ongoing healthcare sector initiatives could potentially erode patient privacy and individuals' control over their health records. Find out about her latest concerns.
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.
Will the Office of Personnel Management's breaches, which exposed the personal information of more than 22 million individuals, make it more or less likely that Congress will enact cybersecurity legislation, including a cyberthreat information sharing bill?
Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
Virtualization and related developments bring significant changes to the architecture of today's data centers. At RSA Conference Asia Pacific & Japan, Cisco's Munawar Hossain defines these changes and outlines the new challenges.
Organizations think they have done everything right, yet still they are breached. What has gone wrong? RSA's CTO Zulfikar Ramzan says it's time for security practitioners to shift to a new prevention mindset.
One of the most important lessons emerging from the recent string of major cyberattacks in the healthcare sector is the need for executives to treat information security as an essential component of business operations, says attorney Ron Raether.
A lawsuit filed against information services firm Experian alleges the company failed to detect that a customer of its data aggregator unit was a fraudster. Could stronger customer vetting have prevented misuse of information?
Those testifying at a July 23 Senate hearing, including David Kibbe, M.D., said the federal government, healthcare providers and electronic health records vendors could take steps to help ensure the secure exchange of patient information is not blocked.
Amit Yoran, president of RSA, says Asian organizations must re-think their approach to security. He outlines five key steps to building a resilient cyber defense mechanism. But how do security leaders respond?
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.