Agents tied to the Kremlin reportedly breached a home computer of a National Security Agency contractor that ran anti-virus software from Russian-owned Kaspersky Labs, pilfering details how the U.S. penetrates networks and defends against cyberattacks.
CISOs need to anticipate the important questions their CEO is likely to ask as mega-breaches make headlines and data security is in the spotlight. Here, security leaders offer insights on how to answer eight tough questions.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
In response to nation-state attackers targeting its account users, Google reportedly is planning to offer stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
Two dozen federal agencies continue to experience security weaknesses in five critical areas, putting government systems and data at risk, according to a new watchdog agency report. But which agency spends the most on IT security?
When Yahoo first disclosed a massive 2013 breach last year, it said 1 billion accounts appeared to have been compromised. But the search giant, now owned by Verizon, says "new intelligence" has revealed that the breach compromised every single Yahoo account, affecting 3 billion users in total.
Security programs fail because of too much emphasis on protection and not enough on detection and response, says Ira Winkler, president of Secure Mentem, who calls on CISOs to help change their organization's security priorities.
The key to simplifying the implementation of identity and access management, and streamlining integration with other systems, is to take advantage of industry standards, says Mark Perry of Ping Identity, an identity-defined security provider
At the first of three Congressional hearings slated this week to examine the Equifax mega-breach, one Republican said of the company's delay in detecting the breach: "It's like the guards of Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults."
A top Department of Homeland Security cybersecurity official says DHS is seeking to play a more active role in responding to cyber incidents at other U.S. federal agencies. At a House hearing, the top DHS policymaker also said securing the U.S. election system is his No. 1 priority.
The online exposure of an unsecured spreadsheet containing personal data on 660 subscribers to the Affordable Care Act health insurance exchange in Vermont has led the state to impose a $264,000 penalty on an IT services firm.
Credit-reporting agency Equifax says its massive breach was even worse than it suspected, affecting 145.5 million U.S. consumers. But it revised the number of suspected Canadian victims from 100,000 down to 8,000, yet says it's discovered that some also had payment card data compromised.
Credit-reporting agency Equifax's Australian website played host to scammers promoting pirated videos, live streams and books. The finding raises further questions about Equifax's security acumen.
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
"Human error and technology failures" led to the massive Equifax breach, the company's former CEO, Richard Smith says in written testimony submitted in advance of a Tuesday Congressional hearing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.