The chief privacy officer's role has changed considerably, particularly in response to today's cyberthreats. As a result, CPOs at banking institutions need to be collaborators, designers, gatekeepers, teachers and more.
Legal experts say the majority of class-action lawsuits filed in response to data breaches fail, and that's unlikely to change unless lawmakers or the courts rethink notions of "injury" and "harm" to encompass more than just fraud.
A judge's decision to allow MasterCard's settlement with Target to stand isn't likely to be appealed and could discourage banking institutions, some experts say, from continuing to pursue a breach-related class-action lawsuit they filed against the retailer.
Some federal lawmakers are concerned that passing a national data breach notification law would weaken security protections found in certain states' statutes. That's a major reason getting a national law enacted will prove difficult.
Lenovo issues an emergency patch to fix flaws in the System Update software that it preinstalls on business-focused Windows PCs after security researchers discover vulnerabilities that could be used to remotely compromise machines.
It's unlikely that the same hackers that hit Sally Beauty in 2014 struck the company a second time this year, several threat intelligence experts say. Find out the latest theories about what may have led to the apparent second breach of the retailer.
One year after Sally Beauty Supply revealed that a network breach compromised payment card data and exposed 25,000 records, the company says it is investigating new breach reports. Did it fail to eradicate the original intrusion?
Emerging cybersecurity risks are now banking institutions' top concern, says the ABA's Heather Wyson-Constantine. What are institutions' contractual protections in the wake of a third-party data breach?
Security expert Mike Canavan of Kaspersky Lab North America pinpoints several critical security steps that organizations can take to help reduce the likelihood they'll become a victim of a hacking attack.
Knowing exactly when to share information with law enforcement in the wake of a breach is challenging, says Assistant U.S. Attorney William Ridgway, a featured speaker at ISMG's Fraud Summit Chicago on May 19.
Partners HealthCare System is the latest healthcare organizations to suffer a data breach following a phishing attack. But why did Partners wait five months to issue a breach notification, when HIPAA requires notifications within 60 days?