In the largest monetary award obtained by the FTC in an enforcement action, LifeLock has agreed to pay $100 million to settle a case that, in part, stemmed from the identity protection company failing to establish and maintain an information security program to protect customers' personally identifiable information.
Cybersecurity is becoming an issue in the U.S. presidential campaign, finally. That's good news because it's critical in our day-to-day lives. But are the candidates doing the issue justice in the way they address it?
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to share voluntarily threat data with the federal government and with each other.
New guidance for cyber-resilience, vendor management and breach notification are expected for New York state banks in early 2016. And the tone set by these guidelines may have a ripple effect, influencing the actions of federal banking regulators.
GOP presidential hopeful Carly Fiorina proposes standing up a centralized cyber command that would be responsible for all aspects of government IT security response. But such a plan could face resistance in Congress if it gives the military authority over federal civilian cybersecurity.
Security experts are warning that Internet-connected devices - including toys - should be treated as insecure and untrusted until proven otherwise. Have our collective information security shortcomings ever been more seasonally appropriate - or scarier?
New details emerging about a breach involving a former Morgan Stanley employee illustrate how a case of inappropriate access to data can blossom into something much more serious. The case shines a spotlight on the urgent need to mitigate insider threats.
Passage of cyberthreat information-sharing legislation could hinge on how the measure is presented to Congress, and its fate could be tied to a massive omnibus appropriations bill to fund the federal government for the remainder of fiscal 2016.
Wyndham Worldwide Corp. has agreed to a settlement with the FTC over charges stemming from the hotel chain's three security breaches in 2008 and 2009 that exposed 619,000 payment cards and other personal information.
The Data Security Act of 2015, approved by the House Financial Services Committee, would create a national data breach notification requirement and spell out data security standards businesses must follow, usurping 47 state laws.
Cyberattacks against U.S. banks will continue to increase in 2016, making cybersecurity oversight and AML enforcement focal points for regulators, says Walter Mix, a former commissioner of the California Department of Financial Institutions.
A U.S. House committee recently passed legislation that's aimed at helping law enforcement bring to justice cybercriminals from other nations who buy and sell payment card data stolen from U.S. citizens. But would it really help the global fight against cybercrime?
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
Determining the "fairness" of Target's proposed $39 million settlement with financial institutions affected by the retailer's 2013 breach is impossible until we find out the answers to many questions, including how many banks and credit unions qualify.
Target Corp. has reached a proposed $39.4 million settlement with a group of financial institutions that sued the retailer over fraud losses and expenses suffered as a result of Target's December 2013 data breach.