Security experts are warning that Internet-connected devices - including toys - should be treated as insecure and untrusted until proven otherwise. Have our collective information security shortcomings ever been more seasonally appropriate - or scarier?
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
NICE's Rodney Petersen sees too many government agencies and businesses using old-school methods to identify and recruit IT security professionals. Consequently, they often fail to build their cybersecurity staffs.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
As more banks and government agencies stop providing free BlackBerries to employees, the beleaguered smartphone manufacturer is attempting to reboot with the launch of its first Android smartphone, dubbed Priv for privacy.
The information security field has done a poor job of attracting and retaining women, contends Jo Stewart-Rattray, international director of ISACA, who emphasizes the need for mentoring as well as salary equity.
An alert issued - and then yanked - by the FBI about fraud vulnerabilities linked to EMV chip cards is reigniting the debate between bankers and retailers over whether EMV in the U.S. should be chip-and-PIN or chip-and-signature.
In addition to having a dedicated individual or team responsible for privacy matters, organizations must ensure their information security and IT staffs are knowledgeable about data privacy issues, says Trevor Hughes, CEO of the International Association of Privacy Professionals.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.