The recent surge in ransomware attacks on hospitals has at least one member of Congress contemplating whether HIPAA's breach notification requirements need to be clarified or updated to reflect the trend.
Defending against online attackers, attempted account takeovers and other types of fraud requires closely monitoring networks, users and devices for any signs of anomalous behavior, says Thomas Hill, CIO of Live Oak Bank, in this video interview.
PCI DSS 3.1 is scheduled to become effective as of June 30, 2016, and with that comes several changes - and challenges for security professionals. In an interview, Dell's Tim Brown discusses why network security is instrumental to ultimately meeting PCI DSS 3.1.
Cyber attackers are not just more sophisticated and more persistent than ever before. They also are greedier, says IBM Security's Limor Kessem, who shares insight on the latest fraud threats to UK banking institutions.
A new report, Threat Horizons 2018, from the Information Security Forum paints a fairly pessimistic picture of enterprises' ability to protect their IT from cybercriminals over the next two years. In an interview, ISF's Steve Durbin discusses what organizations can do to mitigate cyberthreats.
The FBI has successfully retrieved data off the iPhone used by one of the San Bernardino shooters and is withdrawing its motion to have a federal court order Apple to help the government unlock the phone. A federal law enforcement official declines to characterize the information discovered on the device.
Until the IRS takes appropriate steps to resolve security control deficiencies, taxpayer data will remain "unnecessarily vulnerable" to inappropriate use, a Government Accountability Office audit report warns.
Will the Fed support the use of cryptocurrency and related blockchain technology to help push the movement to faster payments? Experts at ISMG's Fraud and Data Breach Prevention Summit in San Francisco last week considered the possibilities.
Verizon Enterprise Solutions, which regularly assists clients in responding to their data breaches, admits it's suffered its own breach. The breach of contact information reportedly affected 1.5 million business customers, who now face greater risk of phishing attacks.
Despite the recent move to put the FBI-obtained court order against Apple on hold, the crypto debate is far from over, said a panel of law enforcement, legal and industry experts at Information Security Media Group's Fraud and Breach Prevention Summit in San Francisco.
Neither the FBI nor Apple looks good in the days following the postponement of a hearing on whether Apple should be forced to help the bureau crack open the iPhone of one of the San Bernardino shooters. The FBI's credibility is being questioned as Apple's security technology is being tarnished.
The Justice Department has unsealed indictments against seven Iranians, allegedly working on behalf of the Iranian government, who are suspected of conducting DDoS attacks against dozens of American banks and attempting to seize control of Bowman Dam outside New York City.
More than 300 security incidents involving Obamacare's HealthCare.gov were reported over an 18-month period, according to a new GAO report, which recommends numerous security and privacy control enhancements for the federal health insurance marketplace.
Ransomware attacks against hospitals are becoming commonplace this year, with at least five incidents revealed in recent weeks. What steps can organizations take to avoid falling victim to these attacks?
In many enterprises, the CISO reports to the CIO, and occasionally you find a CIO who reports to the CISO. But Venafi's Tammy Moskites holds both roles. How does she manage the natural tension between IT and security?