The advanced and persistent nature of today's cyber-attacks, which are often waged by nation-states, is changing the way organizations address network security, says BitSight CEO Shaun McConnon.
As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts.
Application security is not keeping pace with evolving attacks, says Prasenjit Saha, a CEO at the consultancy Happiest Minds Technologies. One problem: lack of a standard, secure coding process in the application development life cycle.
The FFIEC warns U.S. financial institutions that they're at increased risk from attacks that are designed to harvest large amounts of credentials, as well as from destructive "wiper" malware attacks.
Premera Blue Cross already is facing five class action lawsuits in the wake of its massive data breach. Meanwhile, its CEO has provided some answers to questions posed by a U.S. senator regarding the hacker attack.
DDoS attackers have been targeting the popular code-sharing website GitHub. Security experts say the massive attacks appear to have originated from China and been designed to disrupt access to GitHub-hosted anti-censorship tools.
Slack Technologies, a tech start-up that offers a group chat tool, announces it's rolling out two-factor authentication after hackers breached a database of user profile information.
The House Intelligence Committee has approved cyberthreat information sharing legislation that its leaders developed. Meanwhile, a national data breach notification bill has been introduced that's modeled on language proposed by the White House.
Efforts by some Democratic members of a House subcommittee to amend a national data breach notification bill so that states could retain tougher data security requirements have failed. The measure now advances to a full committee.
Three state insurance commissioners are launching a joint investigation into the cyber-attack against Premera Blue Cross, which exposed personal data of 11 million individuals nationwide. Find out what will be examined.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
A former systems administrator at a Romanian financial services institution has been extradited to the U.S. and charged with orchestrating an international hacking scheme that included attacks on medical offices, retailers and security firms.
Despite high-profile attacks and publicity, advanced persistent threats continue to strike organizations in all sectors. How can security leaders improve defenses? ThreatTrack's Usman Choudhary offers advice.
Community banking institutions are at great risk of cyber-attack because they often don't think they're targeted, says Scott McGillivray of Pacific Continental Bank, who describes how to convey this risk to senior management.
Target Corp.'s pending settlement of a consumer class action lawsuit is more about public relations than compensating victims, some observers say. But will it have an impact on a pending suit filed by banks?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.