U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
A lawsuit accuses Google of "the surreptitious location tracking of millions of mobile phone users." The legal action was sparked by a report demonstrating that some Google apps tracked and time-stamped users' locations even if a user deactivated the "location history" setting.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
The best way to take a holistic approach to the current threat landscape is to define security issues as business problems and then put the problem before the solution - not the other way around, contends RSA CTO Zulfikar Ramzan.
While IT and OT integration has brought about new levels of operational efficiency, it has also introduced serious cyber risks that conventional IT security approaches might fail to address, says IBM Security's Paul Garvey.
Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
When is it acceptable to allow healthcare workers to use their personal smartphones to access patient records? A recent incident at the Oklahoma Department of Veterans Affairs spotlights the dilemma.
Artificial intelligence and machine learning will have a significant impact on lowering the cost of securing an organization because it will reduce the need for advanced skillsets, predicts Rapid7's Richard Moseley.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
An analysis of the privacy issues Amazon will face as it dives deeper into the healthcare business leads the latest edition of the ISMG Security Report. Also featured: A preview of ISMG's Security Summit in New York Aug. 14-15.
Even though many organizations believe that supply chain cyber risk is a serious problem, very few organizations are vetting their suppliers, says CrowdStrike's Michael Sentonas.
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.