When it comes to describing the top fraud threats to UK financial institutions, it's all about compromised identities and credentials, says John Marsden of Equifax. How can organisations prove their customers are who they say they are?
In the wake of cyberattacks, federal regulators are proposing tough new standards designed to bolster cybersecurity at the nation's largest banking institutions.
In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
U.S. Presidential candidate Donald Trump's business organization downplayed a finding from a UK-based researcher that the organization uses, in some cases, decade-old email software, posing significant cybersecurity risks.
While hitting back may be satisfying and worthwhile to some, whether and how to do it is hardly a simple matter. Many questions need to be addressed, perhaps answered before going ahead.
A recent breach reported by an Arlington, Texas-based pediatric clinic serves as the latest reminder of the substantial risks ransomware poses to patient data. The clinic offers advice to others based on difficulties it experienced in the response to the attack, and security experts also provide insights.
A search warrant executed earlier this year gave authorities the power to force occupants of a Los Angeles-area house to unlock devices with their fingerprints, casting doubt on biometric defenses.
In January, banks and other financial services companies based in New York may have to comply with tough new cybersecurity requirements. But some critics contend that the state's regulatory proposal is far too prescriptive, making it challenging for banking institutions, especially smaller ones, to comply.
IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
A malware-wielding gang has been targeting financial firms' SWIFT software to inject fraudulent money-moving messages since at least January in "discreet campaigns" not tied to the Bangladesh Bank hack, Symantec warns.
The National Health Information Sharing and Analysis Center aims to better engage smaller healthcare organizations in cyber threat information sharing, leveraging funds from two recent federal grants. Denise Anderson, president of NH-ISAC, describes the plans in this in-depth interview.
Under Australia's strict definition of a cyberattack, the country has never actually experienced one. The claim underscores ongoing questions about how to describe cybersecurity incidents.
Fashion accessories retailer Vera Bradley says its payments processing system was compromised by a malware attack. The retailer says card transactions conducted between July 25 and Sept. 23 at some of its 35 locations may have been affected.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
