The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: Socially-engineered schemes that compromise employees. So, what can institutions do about them?
The FTC proposes that privacy protections be built at every stage in developing online products and consumers be given the option to decide what information is shared about them and with whom through a do-not-track system.
The Defense Department will employ a two-prong approach - securing the perimeter as well as the data - as it develops its cloud-computing architecture. "We're going to be able to better protect as we get more standardized," CIO Teresa Takai says.
Hacking is behind most large-scale data breaches. What steps can organizations and leaders take to safeguard their information post-attack? Karen Barney of the Identity Theft Resource Center offers advice.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Cybersecurity Act sponsors intensify their campaign to enact the legislation that would change the way the government protects critical federal and private-sector IT networks as a group of key Republican senators offers an alternative bill.
The Obama administration's Consumer Privacy Bill of Rights should be seen as a vital document to help shape an expansive and globally accepted privacy framework in the United States, privacy and data security lawyer Lisa Sotto says.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.