Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
The hacking group Anonymous Brazil has targeted the websites of several of Brazil's top financial institutions, including Banco Bradesco and Banco do Brasil, with distributed denial-of-service attacks, leaving the sites in the dark, the Associated Press reports.
Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
IT security provider Symantec says it identified multiple publisher identifications on the Android Market that are being used to push out Android.Counterclank, which it characterizes as a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.
The University of Hawaii has agreed to settle a class action lawsuit involving data breaches affecting about 96,000. It agreed to provide those affected two years of free credit monitoring and credit restoration services.
Spear phishing, or targeted phishing, schemes are the industry's most concerning trend, according to a new report from the APWG. So, what can we do to curb phishing attacks? Executives at BITS and FS-ISAC have a new idea.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.