A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day the company determined its computers were not breached.
As Tropical Storm Isaac strikes, many organizations still sting from the impact of Hurricane Irene and 2011's other natural disasters. What lessons were learned, and how can they be applied now?
Cyber is part of our everyday lives. Still, in many cases, a natural - or perhaps an unnatural - divide exists between the virtual and physical worlds. This is especially true in the way we deal with crime.
After a breach, some organizations meet the minimum requirements for notification and then hope for the best. The Utah Department of Health is taking a very different approach that's worthy of imitation.
Medical identification theft is on the rise. Will healthcare reform, as recently affirmed by the Supreme Court, help reverse that trend? Here's why it's difficult to predict the impact of reform.
The ISO 22301 standard for business continuity has been issued. What do organizations need to consider as they implement the new standard? Lyndon Bird of the Business Continuity Institute offers insight.
How can organizations ensure that their information security staff is mitigating the latest threats? And what truly defines an information security professional? Here are some of the key ingredients.
Lyndon Bird, technical director of the Business Continuity Institute, praises the ISO 22301 standard for business continuity, calling it "An end to uncertainty." Learn about the emerging standard.
Weeks, months or even years often go by before organizations discover they've been hacked, not learning of the attack until law-enforcement authorities inform them, says recently retired FBI Executive Assistant Director Shawn Henry.
One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.
To build an effective information security program, organizations and leaders need to take seven essential steps, including updating a risk assessment, says consultant Tom Walsh.
Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
A legal dispute between a small merchant in Utah and its former payments processor has fueled a debate over contracts between merchants and acquirers. If successful, this case could spur contractual shifts that change the way card brands view liability after card breaches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.