Sony Corp.'s announcement that hackers may have accessed data on 77 million gamers follows a long line of recent breaches. And Neal O'Farrell of the Identity Theft Council says the string of incidents has led to consumer 'breach fatigue.'
A focus on cost and speed, not on data protection, creates a security hole, a survey of cloud computing service providers reveals. Nearly two-thirds of providers say they aren't confident cloud apps are sufficiently secured.
"The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of Wi-Fi hotspots and cell towers surrounding the iPhone's location," Apple said.
"We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that ... would lower their risk to the type of attack we saw at RSA," DHS Secretary Janet Napolitano says.
Well-publicized health information breach incidents are serving as important reminders that paying attention to the physical security of data centers is a vital component of any information security strategy.
The Department of Health and Human Services has announced two projects tackling the issue of how to obtain patient consent to provide access to their electronic health records via health information exchanges.
Healthcare organizations should provide their staffs with training on how to guard against identity theft regardless of whether they must comply with the federal Red Flags Rule, says fraud prevention expert Jeremy Miller.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
"One important element of this effort will be to ensure that we are properly informed going forward about the cyberthreats posed by criminals, terrorists and hostile nations," says Sen. Sheldon Whitehouse, sponsor of the Cybersecurity Public Awareness Act.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.