Legislation introduced last week would give the U.S. Senate's sergeant at arms responsibility to help secure the personal devices and online accounts used by senators and their staff to help ward off cyberattacks and other threats.
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
If you run a Magento-powered e-commerce site, it's time to patch again. E-commerce sites continued to be targeted by cybercriminals seeking to steal payment card data, and experts recommend moving quickly to plug the most critical flaw, a SQL injection vulnerability.
Communication of cyber risks to executives using enterprise risk methodologies is imperative for improving incident prevention, according to Randy Trzeciak and Brett Tucker of Carnegie Mellon University, who offer tips.
The operational technology world is focused on two things: safety and reliability. But with increasing IT-OT integration, cybersecurity needs to be considered the third leg of the stool, says Phil Quade, CISO at Fortinet.
The conventional approach to cybersecurity focuses on separating the good from the bad using perimeters, firewalls, containers and other methods. But Corey Williams of Idaptive says that approach is no longer sufficient.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
A proposed settlement in a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack affecting 4.5 million individuals stands apart from other settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
The computer systems the U.S. Department of the Treasury uses to track the nation's debt have serious security flaws that could allow unauthorized access to a wealth of federal data, according to a pair of audits released this week by the Government Accountability Office.