Cyberattacks are challenging our current methods of defense, says Lance James, a global cyber intelligence adviser at the consultancy Unit 221b. In a video interview, he discusses the changes in tools and skills that must be made to fend off fast-moving adversaries.
A third data breach affecting TalkTalk has prompted sharp questions from U.K. public officials about whether stronger breach notification laws and breach-related penalties might help prevent more such incidents from occurring.
The recent data breach at U.K.-based telecom company TalkTalk illustrates that breach risk mitigation is a critical issue worldwide. PCI's Jeremy King, who will be a featured speaker at ISMG's Fraud Summit London on Oct. 27, explains why European data security is getting more scrutiny.
Everyone's talking about business email compromise, but what they aren't talking enough about is what's at the root of these attacks - spear phishing. Joseph Opacki of PhishLabs discusses how security leaders must respond to the threat.
Despite the focus on external cyberattacks, insider attacks are almost as common and can potentially cause significantly more damage, says Michael Theis of Carnegie Mellon's CERT Insider Threat Center. In a video interview, he describes how science-based models can help organizations fight the battle from within.
Devin Jopp, CEO of the Workgroup for Electronic Data Interchange, describes a new effort to develop recommendations for how to protect genomic data as it's exchanged, as is called for under President Obama's Precision Medicine Initiative.
HP has agreed to sell its intrusion detection and prevention software unit TippingPoint to security vendor Trend Micro for $300 million. But analysts say Trend Micro faces stiff breach detection and incident response competition.
A recent agreement among 12 electronic health record vendors to support an effort to create a voluntary set of metrics assessing the interoperability of their products could potentially be a step toward easing secure health information exchange, says Kent Gale of the research firm KLAS.
Someone green-light this drama: Sony, after suffering a massive data breach that led to the leak of personal information and embarrassing corporate emails, has agreed to a data-breach settlement worth up to $8 million.
Bob Carr, CEO of Heartland Payment Systems, contends that not enough progress has been made in improving payments security in the seven years since the processor experienced a massive breach. Find out why he argues that retailers and processors still have much more to do.
As the Senate continues to wrestle with the Cybersecurity Information Sharing Act of 2015, with a vote expected next week, opposition to the bill from some privacy groups and major technology firms, including Apple, is heating up.
European criminals combined cannibalized EMV chips from stolen cards with miniature microprocessors to build fake payment cards that defeated POS security checks, enabling them to steal as much as $680,000, French researchers say.
The size of the information security analyst workforce in the United States rose by nearly 20 percent in the past year, according to an Information Security Media Group analysis of U.S. Bureau of Labor Statistics data.
Attributing cybercrime to specific criminals is becoming increasingly critical, says Eward Driehuis of threat intelligence firm Fox-IT. Using the elusive Dridex campaign as an example, Driehuis explains in this video interview how many malware attacks are interconnected.