Owners of critical infrastructure might be shamed into providing the necessary security to safeguard their information assets. That's one takeaway of a compromise Senate bill proposed by Democrat Sheldon Whitehouse and Republican Jon Kyl.
Some organizations are focusing so much attention on the bring-your-own-device trend and on implementing a mobile device management system that they're neglecting mobile app security issues, says security expert Jeff Williams.
An Obama administration memo, issued by U.S. Special Counsel Carolyn Lerner, cautions federal agencies that interfering with e-mails used by government employees to unveil misconduct could be unlawful.
The initial 20 HIPAA compliance audits found that more organizations had trouble with security compliance than privacy compliance, an analysis by federal officials shows. Learn about the other findings.
"This is about preparing the battlefield for another type of covert action," a former high-ranking U.S. intelligence official says. "Cyber collection against the Iranian program is way further down the road than this."
LinkedIn's failure to comply with long standing industry standard encryption protocols jeopardized its users' PII, and diminished the value of the services, the class action federal lawsuit filed in northern California says.
Brokers and insurers have upped their marketing efforts to get enterprises to purchase cyber insurance, even though policies could be risky for sellers and buyers. See 10 considerations you should mull before buying cyber insurance.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
An Alabama woman has been indicted in an ID theft case for allegedly stealing personal information about more than 800 patients at an Alabama hospital and then selling the information for use in filing fraudulent tax returns.