While there's anecdotal evidence that the NIST cybersecurity framework is proving helpful to businesses in their risk management efforts, there's not yet any measureable proof of its success at preventing damaging cyber-attacks.
Russian and European malware and spam purveyors have been hijacking Internet routes. Pending a massive infrastructure upgrade, security experts warn that such attacks can be detected, but not easily blocked.
A new report claims that Russian hackers, using spear-phishing attacks, breached the Sony Pictures Entertainment network by November 2014. But it's not clear whether they were responsible for the "G.O.P." attacks attributed by the FBI to North Korea.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled. BitSight's Stephen Boyer offers insight.
The Obama administration has taken new, but modest steps to limit the ability of intelligence agencies to collect data on individuals, but the new policy doesn't end the bulk collection program revealed by former NSA contractor Edward Snowden.
President Obama says his proposed cybersecurity budget is designed to help prevent foreign nations or hackers from shutting down American networks, stealing trade secrets or invading the privacy of American families.
Federal regulators are on the right track in their vision for a draft "roadmap" to remove barriers to nationwide, secure health information exchange, but many more hurdles remain, security and privacy experts say.
Hackers posing as women on Skype tricked Syrian opposition fighters into infecting their systems with malware, which furnished the hackers with "valuable insight into military operations," according to a new report from cybersecurity firm FireEye.
Recognizing the behavior of an intruder, rather than relying on digital signatures, will prove to be a better way to prevent hackers from pilfering data and creating havoc in IT systems, says Radware CEO Roy Zisapel.
Breaches can happen even when there are strong protections in place. But healthcare organizations can do more to prepare for breaches and respond in the best possible way to protect patient information.
Federal regulators have unveiled a draft roadmap for achieving nationwide secure health data exchange built on interoperable electronic health records systems within the next three years. Learn about the privacy and security components.
Leading this week's industry news roundup, IBM announces Identity Mixer, a cloud-based encryption technology designed to protect personal data online, while Proofpoint releases its Enterprise Protection Suite 8.0.