New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
The privacy profession is evolving rapidly, and security leaders increasingly need to understand the unique demands and responsibilities that come with protecting privacy. But where do they gain this insight?
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
The cybersecurity framework, the package of best IT security practices issued in mid-February, isn't set in stone, but will evolve in the coming weeks, months and years, says the framework's point man, Adam Sedgewick.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Most organizations have yet to realize the cybersecurity benefits of big data analytics, says Russell Thomas of Zions Bank. He explains steps the pioneering bank is taking to revolutionize its big data operations.
White House Cybersecurity Coordinator Michael Daniel says the toughest international cybersecurity challenge facing the Obama administration is getting cooperation in coordinating responses to online crime.
Many consumers are concerned about whether their healthcare information will remain private once electronic records are routinely exchanged among providers, a new study confirms. But experts say organizations can take steps to bolster patient trust.
The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K., warn security researchers at Symantec. The malware attempts to exploit a Microsoft Office bug patched in 2012.
Declaring a national emergency over hack attacks, President Obama signed an executive order authorizing the government to impose sanctions on hackers. But information security experts voice questions - and concerns.
Nine individuals have pleaded guilty to charges stemming from their roles in an identity fraud scheme. Among the defendants is a former military hospital worker who stole soldiers' personal information to file false federal tax returns, prosecutors say.