Government cyber teams must adopt a modern and evolving security operations model and an analytics-driven approach to cybersecurity if they hope to keep pace with the evolving threat landscape.
Facebook CEO Mark Zuckerberg says the social networking company is already complying with parts of Europe's GDPR privacy legislation, but it won't comply with all of its requirements worldwide. Zuckerberg's comments are likely to rile critics following the uproar around voter-profiling firm Cambridge Analytica.
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
Do you have $100,000 burning a hole in your pocket and an abiding love of bitcoins? If so, then the U.S. Marshals Service has an offer you can't refuse: Bid on bitcoins seized in some high-profile investigations, including the Silk Road takedown.
Will LaSala, Director of Services at VASCO, discusses lessons learned from the Pokemon Go craze about detecting and responding to jailbreaking and rooting attacks against mobile applications.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
We may never really know who or what is to blame for the Target breach that exposed as many as 40 million U.S. debit and credit cards, but there definitely is no shortage of theories from our readers.
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?
Hacktivists may have halted their attacks, but DDoS strikes against U.S. banks continue. Download-flooding attacks that took aim at two banks last week demonstrate the need for continued vigilance.