A "bottom-up" approach to IoT security is essential, starting with the hardware as the "root of trust" and then addressing the operating systems and applications, says Wind River's Thilak Ramanna, who calls for the development of standards to ensure security is baked into devices.
Although experts see widespread, practical applications of artificial intelligence as at least a decade off, it's something that's on the mind of President Obama. The commander in chief shares his thoughts on the intersection of artificial intelligence, medical viruses and cybersecurity.
A report on the verbal combat between Hillary Clinton and Donald Trump over whether the Russian government is using hacks to influence the U.S. presidential election leads the latest edition of the ISMG Security Report. Also, an update on Dropbox's new password protection strategy.
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
The latest edition of the ISMG Security Report leads off with an analysis of the PCI Security Standards Council's new requirements that are designed to help thwart attempts to defeat encryption in point-of-sale devices.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
Republican presidential candidate Donald Trump laying out his cybersecurity agenda leads the latest version of the ISMG Security Report. Also, federal leaders address threats posed to the U.S. electoral system.
Markus Jakobsson, Chief Scientist at Agari, has released a new book focused on socially-engineered schemes. What are the key takeaways, and how can security leaders improve their abilities to fight back against the schemers?
How can issuers and acquirers help smaller merchants improve payment card security? One way is to dramatically ramp up their efforts to educate the retailers about PCI compliance, says Michel Christodoulides of Barclaycard.
Commerce Secretary Penny Pritzker suggests that regulatory agencies should implement cyber threat information sharing programs with the businesses they regulate, not only to enhance their IT security, but to build a collaborative environment between the two, often adversarial sides.
The latest ISMG Security Report leads off with a discussion with DataBreachToday Executive Editor Mathew J. Schwartz on why online cybercrime is growing. Also, the status of the U.S. government's cyberthreat information sharing initiative.
In the wake of this week's rollout by NACHA, The Electronic Payments Association, of same-day ACH payments in the U.S., fraud departments at originating and receiving banks should be bracing for the new risks posed by faster payments, says NACHA's Jane Larimer, who offers insights on steps to take.
The latest ISMG Security Report leads off with a segment in which Managing Editor Jeremy Kirk explains that the massive Yahoo breach not only exposed the accounts of a half-billion customers, but also the weaknesses in the way enterprises employ hashed passwords.
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.