Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
Organizations are getting increasingly prioritizing incident response capabilities by putting investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.
Attackers today continue to refine their distributed denial-of-service attack capabilities, delivering downtime on demand. The increase in attack effectiveness and volume demands new types of defenses, says Akamai's Richard Meeus.
Many questions remain unanswered about the data breach at the U.S. Office of Personnel Management that may have exposed personal information for 4 million current and former government workers. Here's a closer look at seven of them.
Larry Ponemon, founder of the Ponemon Institute, offers an in-depth analysis of the results of the organization's 10th study of the costs of data breaches, which found, for example, that rapid growth in hacker attacks is leading to escalating costs.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Rather than taking specific steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says Lance James of Deloitte &Touche.
While cyberthreat information sharing within the banking sector has improved, the retail sector has failed to keep up. But ISACA's Robert Stroud said pending federal legislation could help change that.