Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
Employees are the first line of defense for any organization, and Paul Bowen of Arbor Networks believes we don't do nearly enough to deputize them to support our security efforts. He offers tips for using technology to train end users.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Two out of three organizations say that finding qualified cybersecurity professionals is a struggle, a new study shows. And 80 percent of respondents do not feel adequately prepared to defend their organizations. Kathie Miley of Cybrary and Wade Baker of Cyentia Institute discuss how to bridge the cyber skills gap.
HHS continues to improve its information security program, but it needs to take steps to address a number of ongoing weaknesses, according to a new watchdog agency report. What are those glaring weaknesses, which are also, unfortunately, common at many healthcare organizations?
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
A look at some of the United Kingdom's recent health data breach statistics shows some interesting similarities to the U.S., despite differences in the two countries' health systems and breach reporting practices.
The White House, fearing China is spying on phone calls, has suggested that the U.S. government take a primary role in marshaling the development of secure 5G networks. But would nationalizing 5G networks make them more secure?
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.