Organizations incorporating social media into their daily operations tend to have gaps in policies, and key aspects are often an afterthought, says attorney David Adler, who pinpoints areas to address.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.
Can roaming services be used successfully as a backup for mobile networks that fail? It's a new idea being explored by the European Network and Information Security Agency. What are the pros and cons?
The theft of four unencrypted computers from a Chicago area medical practice may affect 4 million patients. But the big question is: Why do breaches involving unencrypted computer devices still occur?
The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.
Gartner analyst Avivah Litan says fraudsters are using DDoS attacks as a distraction for a new, extremely effective account takeover scheme. How should institutions respond to this emerging threat?
Creating circles of trust - networks of IT security professionals who rely on one another - is a key element in forthcoming National Institute of Standards and Technology guidance on incident response.
To address the insider threat, Jeremy Walczak of Independent Health is using a privileged identity management system. Walczak and other experts offer detailed insights on mitigating emerging threats.
An emerging concept known as accelerated breach response aims to improve how organizations react to such incidents. What are the hallmarks of the new approach? Attorney Ellen Giblin offers insights.
Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
Three U.S. banks have been targeted by new DDoS attacks that apparently had little impact. As bank defenses improve, some experts say the attackers may shift targets to other industries affecting critical infrastructure.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.