In this era of "fake news," Time Inc. Deputy CISO Preeti Palanisamy takes seriously the challenge of maintaining the integrity of journalism from content creation through production and eventual publication.
Facebook CEO Mark Zuckerberg says the social networking company is already complying with parts of Europe's GDPR privacy legislation, but it won't comply with all of its requirements worldwide. Zuckerberg's comments are likely to rile critics following the uproar around voter-profiling firm Cambridge Analytica.
Do you have $100,000 burning a hole in your pocket and an abiding love of bitcoins? If so, then the U.S. Marshals Service has an offer you can't refuse: Bid on bitcoins seized in some high-profile investigations, including the Silk Road takedown.
Interbank messaging service SWIFT will begin collecting and sharing anonymized attack information and offering incident-response services - backed by Fox-IT and BAE Systems - to help hacked banks. But will financial institutions buy in?
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
NIST will soon start writing the "final" version of its cybersecurity framework, a guide to information security best practices for operators of the nation's critical infrastructure. But should it be beta tested?