Three years after a wave of DDoS attacks hit banks, two years after the Target breach and one year after the massive JPMorgan Chase breach, Standard & Poor's for the first time has warned that it may downgrade the credit ratings of banks that have poor cybersecurity.
In addition to having a dedicated individual or team responsible for privacy matters, organizations must ensure their information security and IT staffs are knowledgeable about data privacy issues, says Trevor Hughes, CEO of the International Association of Privacy Professionals.
The commoditization of attack infrastructure and services in the cyber-criminal underground, and the low cost and ease of launching targeted attacks, are growing concerns that require new defense strategies, says Trend Micro's Raimund Genes.
Cybercrimnals are now using the Dyre and Dridex banking Trojans to gather massive amounts of data about individuals and companies that could enable them to track patterns of behavior, which might later help them evade intrusion detection, says Fox-IT's Eward Driehuis.
A new GAO report points out persistent cybersecurity weaknesses among the federal government's two dozen largest agencies. It also questions the comprehensiveness of the guidance inspectors general receive for auditing the IT security compliance of agencies.
PCI Council General Manager Stephen Orfei says the migration to EMV in the United States will facilitate faster adoption of contactless mobile payments. That's why mobile will be a hot topic at the PCI Council's annual North America Community Meeting this week.
Defeating biometrics-based security with far-fetched schemes, such as stealing or replacing eyeballs and fingertips, is a recurring theme in the movies. But real-world advances in authentication will help make it difficult to circumvent real-world security.
The traditional Security Operations Center is out, and the new Security Intelligence Center is in. Greg Boison of Lockheed Martin tells how security leaders are winning business support for this evolution.
The U.S. and China, as part of a cybersecurity agreement, have agreed not to conduct or knowingly support cyber-enabled theft of intellectual property with the intent of providing competitive advantages to companies or commercial sectors.
President Obama, in reaching any type of cybersecurity accord with Chinese President Xi Jinping, should borrow from the diplomacy he used to reach the Iranian nuclear agreement: Get the best deal possible and then distrust but verify.
Federal auditors say a data repository used for data analysis and reporting for the Affordable Care Act, better known as Obamacare, had numerous data security shortcomings that have since been addressed. Security experts say the problems cited are common to many organizations.
The severity of the U.S. Office of Personnel Management breach continues to grow, with investigators now reporting that hackers stolen 5.6 million people's fingerprint data. The theft may have security implications well into the future.
The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.
The attacks have evolved, breaches have multiplied, and serious security gaps have been exposed. But what most concerns FireEye President Kevin Mandia? The rise of nation-states as leading threat actors.