Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
The hacking group Anonymous Brazil has targeted the websites of several of Brazil's top financial institutions, including Banco Bradesco and Banco do Brasil, with distributed denial-of-service attacks, leaving the sites in the dark, the Associated Press reports.
Organizations that have experienced a breach report that three lessons they learned were to limit the amount of personal information collected, limit sharing data with third parties and limit the amount of data stored, a new survey shows.
The extensive news media coverage of a 911 emergency call about actress Demi Moore is calling attention to an important issue: The need to protect privacy.
"Iran's intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity," National Intelligence Director James Clapper says.
Imagine if the shutdown of Wikipedia was involuntary, taken down by politically minded hackers, and not an intentional act of protest. What's the message of the blackout beyond the protest over anti-piracy legislation?
The University of Hawaii has agreed to settle a class action lawsuit involving data breaches affecting about 96,000. It agreed to provide those affected two years of free credit monitoring and credit restoration services.
How can companies and IT security leaders keep a security breach from becoming a long-term problem and stop it from negatively affecting their customer base?
What are the critical steps that IT security professionals should take in the aftermath of a breach? CEO Micky Tripathi of The Massachusetts eHealth Collaborative offers eight practical lessons based on his breach resolution experience.
With the surge in use of tablets, smart phones and other mobile devices, it's good to see some privacy and security best practice guidance is in the works.
Security and privacy officers for global organizations can expect increased work in protecting customer data if a proposed regulation introduced before the European Commission becomes law, cyber and privacy lawyer Francoise Gilbert says.
Nine state attorneys general are demanding that Internet retailer Zappos provide details on the company's recent data breach that affected 24 million individuals.
President Obama uttered the term "cyber" only once in his 7,200-word State of the Union address Tuesday night, but that fleeting moment about an hour into the speech could prove significant.
Bringing Your Own Device raises jitters among employers, who worry about exposing or losing sensitive data, and employees, who fret about their bosses spying on them. Despite these anxieties, the trend will continue because that's what people want.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
