In a video interview, Bob Carr of Heartland Payment Systems offers a frank assessment of missteps in the wake of the processor's landmark 2008 data breach, and he calls for widespread use of end-to-end encryption.
To avoid having their organizations exploited by teenage hackers, boards of directors worldwide need to get serious about security. Here are five lessons to be learned from the latest TalkTalk data breach.
Under the White House's new cybersecurity strategy and implementation plan, federal civilian agencies face a Nov. 13 deadline to identify and report their high-value information and assets that could attract adversaries.
The FFIEC has issued an alert calling on financial institutions to take specific risk mitigation steps in light of an increase in the frequency and severity of cyberattacks involving extortion. Fraud experts applaud the move while offering additional recommendations.
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
Tinba, which has been linked to attacks in the U.S., Canada and Europe, is now targeting bank accounts in Russia, according to a new report from Dell SecureWorks. Researcher Brett Stone-Gross tells why Tinba is unusual and can be tough to detect.
Developing a successful information security career requires excellent technical acumen as well as the ability to understand the impact that security policies have on people, says Gurdeep Kaur, a chief security architect at AIG.
As more banks and government agencies stop providing free BlackBerries to employees, the beleaguered smartphone manufacturer is attempting to reboot with the launch of its first Android smartphone, dubbed Priv for privacy.
British police have arrested a third suspect in connection with the hack attack against telecommunications provider TalkTalk. Separately, Vodafone UK also issued an alert of a breach, which it traced to reused passwords.
The so-called 30-day cybersecurity sprint championed by Federal CIO Tony Scott has resulted in a strategy and implementation plan for federal government civilian agencies that focuses on a defense-in-depth approach to IT security.
Senate-approved legislation that would incentivize businesses to share cyber threat information with the government also would strengthen the Department of Homeland Security's oversight of civilian federal agencies in implementing cyber safeguards.
A quiet life in retirement? Not for Art Coviello, former executive chairman of RSA. He's just joined the boards of two new security ventures, Bugcrowd and Cylance, and he's got big ideas for how to influence the 2016 cybersecurity agenda.
LifeLock says it has reached a tentative agreement on a settlement with the FTC regarding alleged information security shortcomings and other issues. It says it's also reached agreement on a proposed settlement of a related consumer class action lawsuit. The stock market reacted favorably to the announcements.
Many CEOs and boards of directors are failing their companies by not truly understanding their cybersecurity risks, says Steve Durbin of the Information Security Forum. He stresses that senior leaders must ensure their organizations provide adequate funding to manage risks.
While sophisticated cyberattacks and high-profile mega-breaches get most of the attention, European fraud experts say less sophisticated attacks are far more common and pose a greater fraud risk. At ISMG's Fraud Summit in London, they called for global collaboration to fight fraud.