As organizations detect more breaches, incident responders are increasingly overloaded, says Darktrace's Dave Palmer, who recommends organizations adopt strategies for "surgically interrupting the bad" while maintaining normal business processes and productivity.
Cybersecurity insurers, faced with growing demand, are looking for new ways to better measure their risks, says Aleksandr Yampolskiy, CEO of SecurityScorecard. So some are moving toward more carefully scrutinizing the cybersecurity postures of their potential clients.
Nearly three weeks after human resources software vendor PageUp discovered malware on its system, the tally of what data was exposed remains unclear, although successful job applicants appear to have been hardest hit.
Phishing remains the top attack vector, and an organization's people of course remain the top target. But how can these same people be leveraged as a key component in your anti-phishing defense? Kurt Wescoe of Wombat shares insight.
When June arrives in the United Kingdom, that means it's time for the annual Infosecurity Europe conference in London. Here are visual highlights from this year's event, which featured 240 sessions, 400 exhibitors and an estimated 19,500 attendees.
The U.K.'s Dixons Carphone is investigating a data breach that resulted in the suspected exposure of 5.9 million payment cards and nonfinancial information for 1.2 million customers. The incident could become the first U.K. breach to fall under the EU's General Data Protection Regulation.
PageUp, an HR software developer in Australia with clients worldwide, is warning that malware-wielding attackers may have accessed a raft of personal data stored in its systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February.
Although all the major credit card brands have dropped the requirement for obtaining signatures to verify point-of-sale transactions made with EMV payment cards, they're not pushing strongly for using PINs instead, leaving that authentication decision to card issuers, says Linda Kirkpatrick of Mastercard.
What impact will an appellate court's ruling Wednesday that vacated the Federal Trade Commission's data security enforcement action against LabMD have on the agency's long-term enforcement activities? Regulatory experts are weighing in.
LabMD, a now-defunct cancer testing laboratory, has won a major victory in its longstanding legal dispute with the Federal Trade Commission. A U.S. Court of Appeals on Wednesday vacated an FTC enforcement action against the lab in a data security dispute dating back to 2013.
Congress is considering how to help beef up the healthcare sector's preparedness and response to cyber threats. But why is there so much confusion about the role of the Department of Health and Human Services?
When it comes to fraud, enterprise data has a story to tell, and it's up to security and fraud leaders to know how to interpret that story. Jim Apger of Splunk discusses reading and reacting to these stories.