What is the Identity Ecosystem Framework, and why is it so important for security professionals to embrace? Kimberly Little Sutherland of LexisNexis Risk Solutions shares insights on the future of online identity.
The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.
Despite the growing attention that federal regulators have been giving to medical device cybersecurity, many healthcare organizations still neglect those devices in their risk management and compliance programs, says security expert Andrew Hicks.
In the wake of the breaches suffered by JPMorgan Chase, Sony and Anthem, attack attribution and information sharing are playing more prominent roles for banking leaders, and they will be key discussion points at the upcoming RSA Conference 2015 in San Francisco.
Over the last six months, the University of Vermont Medical Center has seen a spike in phishing attempts, including those laced with malware in an attempt to steal credentials, says CISO Heather Roszkowski, who describes her defensive efforts.
Banks are not doing enough to ensure that third-party service providers are taking adequate cybersecurity steps, according to the New York State Department of Financial Services, which is considering ramping up regulatory scrutiny.
Researchers at Kaspersky Lab have released information on a denial-of-service bug, dubbed "Darwin Nuke," found in Apple's operating systems. Security experts weigh in with recommendations.
The advanced and persistent nature of today's cyber-attacks, which are often waged by nation-states, is changing the way organizations address network security, says BitSight CEO Shaun McConnon.
The Healthcare Information and Management Systems Society 2015 Conference in Chicago offers many new opportunities to learn about health data privacy and security issues, including the debut of a Cybersecurity Command Center.
Singapore-based Singtel, Southeast Asia's largest telecommunications company, has entered a definitive agreement to acquire U.S.-based managed security services company Trustwave for $810 million.
New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every infected device. And security experts warn that too many retailers fail to test POS devices and segment networks to mitigate all malware threats.
Too often enterprises fail to adequately vet their cloud service providers, which can create security vulnerabilities, according to IT security lawyers Francoise Gilbert and Ellen Giblin.
The Target breach was the hot topic for many RSA 2014 attendees, but Gartner's Avivah Litan was already talking about the next Target - a UK retailer that may have suffered a similar hack, exposing payment card data.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
The security profession isn't quite prepared to deal with the full ramifications of the 'Internet of things,' says incoming ISACA president Robert Stroud. What other challenges await security pros?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.