The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
U.S. Sen. Ron Wyden, D-Ore., is urging the National Institute of Standards and Technology to create new standards and guidelines for individuals and organizations to securely share sensitive documents online. He contends current security measures are inadequate.
Carelessness, a lack of security awareness, unclear data ownership and poor toolsets are root causes of insider breaches, says Tony Pepper, CEO of Egress, which recently surveyed CISOs and employees to trace the cause of insider breaches resulting from both intentional and unintentional loss.
What stands out most about a proposed $74 million settlement of a class action lawsuit against Premera Blue Cross in the wake of a 2014 data breach? Technology attorney Steven Teppler offers insights in this interview.
In today's digital environment, protecting sensitive information and sales transaction data is of critical importance. Technology and advanced loyalty programs are driving the collection of additional data, causing consumers to pay more attention to the types of data they are willing to share with merchants.
In today's environment of distributed IT solutions, hardware security modules (HSMs) - which safeguard a company's encryption keys - are often housed in remote data centers, making HSM management challenging and making it costly to access information about this mission-critical security hardware.
Encryption is skyrocketing both inside corporate networks and on the public internet - and studies show that more and more attackers are using this trend to hide their activities from your SOC:
70% of malware binaries sampled in the 2018 Annual Cybersecurity Report from Cisco took advantage of encrypted network...
System Administrators are no loner managing boxes sitting under their desks; Now, they're coding their infrastructure. The new digital users, enforced by the as-a-service business model, leave them facing critical challenges to manage and interconnect increasingly diverse systems, and to ensure scalability and...
The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.
The 2019 Global Encryption Trends Study surveyed 5,856 individuals across multiple industry
sectors in 14 countries/regions.
The purpose of this research is to examine how the use
of encryption has evolved over the past 14 years and
the impact of this technology on the security posture
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Smartphone security is paramount for certain scenarios, but software based encryption has been shown to be insufficient. Mike Fong, founder and CEO of Privoro, demonstrates a hardware based solution to smartphone encryption