Privacy advocates in the Senate have introduced a national data breach notification bill that would allow states to keep their own laws if they provide more stringent reporting and privacy protections than offered by the federal government.
The House Judiciary Committee, in passing a tailored bill to end the NSA's bulk collection program of phone records, rejected amendments to expand privacy reforms to other government surveillance initiatives.
The latest victim of malware attacks against point-of-sale system vendor NEXTEP is foodservice management company Compass Group, which says payment card data for up to 70,000 users of self-service kiosks was exposed.
Romanian authorities' detention this week of 25 suspects believed to be part of an international cybercrime ring could be linked to a $45 million ATM cash-out scheme dating back to December 2012, security experts say.
Trying to consume threat data remains a difficult and highly manual process, says Solutionary's Joseph Blankenship. But better machine learning and artificial intelligence could make the task easier for enterprises.
In today's cloud-based and mobile-security world, data and applications regularly operate both inside and outside any supposed "traditional" network perimeter, and that makes them tough to secure, say F5 Networks' Preston Hogue and Greg Maudsley.
Why not tap a community of bug hunters to find vulnerabilities in your products? That's the pitch behind Bugcrowd, which enables thousands of bug hunters to earn prestige - and cash - for finding and reporting new vulnerabilities.
How can businesses ensure that the content coming into an application is executed safely, and that the application itself isn't under attack? That's the problem being addressed by Prevoty, says CEO Julien Bellanger.
Laws rarely, if ever, keep up with technology, but even if they could, the consequences could prove more harmful than the benefits. That was evident at a House hearing that addressed default encryption of mobile devices.
After nearly 2½ months on the job, federal Chief Information Officer Tony Scott was reluctant to offer Congress a detailed assessment of the quality of agencies' information security until reviewing results of pending "CyberStat" reviews.