The Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement an encryption backdoor.
A thriving market now exists to help cybercriminals recruit new talent, says Rick Holland of the threat intelligence firm Digital Shadows, which has been studying how cybercriminals advertise for new recruits - and the types of technology skills that are most in demand.
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
Banking institutions and associations are demanding that the Federal Financial Institutions Examination Council make significant changes to its Cybersecurity Assessment Tool. What action, if any, will regulators take in response?
Security experts say the conclusions of an inspector general's report on how the Nuclear Regulatory Commission contracts the administration of security operation centers also applies to other government agencies and private businesses.
Slamming a Ukrainian energy provider for recently falling victim to a spear-phishing email and Excel macro attack might be easy. But security experts recommend all organizations use the incident to ensure they won't fall victim to copycat attacks.
A judge has dismissed a class-action lawsuit against Michaels, filed after the retailer warned that POS malware-wielding attackers had successfully stolen details of an estimated 2.6 million payment cards. But the ruling isn't a surprise - here's why.
An inspector general report on a Federal Reserve audit raises more questions than it answers regarding the security risks facing one of the Fed's information systems. The executive summary of the audit fails the transparency test to inform the public.
Privacy and security expert Rebecca Herold outlines three common HIPAA compliance missteps and offers advice on bolstering security and minimizing the risk of breaches.
The HHS Office for Civil Rights will dramatically ramp up its HIPAA enforcement activities in 2016, fueled by a financial infusion from recent fines in HIPAA cases, predicts privacy attorney David Holtzman of CyngergisTek, a former OCR senior adviser.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
A federal audit of three California Medi-Cal (Medicaid) managed care organizations found dozens of "high risk" security control vulnerabilities. But security experts say the problems identified, unfortunately, are common throughout the healthcare sector.
A U.S. House committee recently passed legislation that's aimed at helping law enforcement bring to justice cybercriminals from other nations who buy and sell payment card data stolen from U.S. citizens. But would it really help the global fight against cybercrime?
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.