The federal government's point man on the cybersecurity framework, Adam Sedgewick of NIST, responds to a critique by Larry Clinton of the Internet Security Alliance on the failure of NIST to outline the financial benefits of the framework.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
Information security experts say espionage-focused attackers, apparently operating from Russia, have been using phishing e-mails and malware in multi-stage attacks designed to evade detection and steal political and military secrets.
A watchdog agency says the Internal Revenue Service needs to put into place additional procedures to ensure that Obamacare health insurance exchanges safeguard consumer tax information. Learn what's recommended.
Leading this week's industry news roundup, Intel introduces a solution that provides end-to-end encryption of consumer and financial data built into POS systems, while Arbor Networks launches Peakflow, a DDoS mitigation solution.
Security vendor Proofpoint warns that a "malvertising" campaign has been launching ransomware attacks against users of numerous high-profile websites, including search site Yahoo, dating site Match.com, and an AOL real estate site.
A bill before Congress to encourage the sharing of cyberthreat information won't come up for a vote until lawmakers act on legislation to end NSA's bulk collection program, says Senate Homeland Security Committee Chairman Tom Carper.
Karen DeSalvo, M.D., who has headed the Office of the National Coordinator for Health IT since January, is leaving the position to serve as acting assistant secretary for health, focusing on Ebola response efforts and other public health issues.
Apple CEO Tim Cook traveled to China in the wake of allegations that hackers are targeting Chinese iCloud users. The Chinese government has denied any involvement in the attacks, which can bypass the latest iPhone's stronger encryption.
White House Cybersecurity Coordinator Michael Daniel says medical device manufacturers need to do a better job of baking cybersecurity into product development. Meanwhile, federal officials are investigating suspected cybersecurity flaws in some devices.
Almost all versions of Windows are vulnerable to an OLE flaw that is being actively exploited in the wild. This is the second zero-day vulnerability tied to the so-called "Sandworm Team" of hackers, and no patch is yet available.
Security experts participating in an FDA workshop highlight the urgent need to immediately improve the cybersecurity of networked medical devices, which may be vulnerable to hacking that could potentially be life-threatening.