Too many security awareness and education programs fail because they're boring, says Lance Spitzner, research and community director for the SANS Institute's "Securing the Human" program. Read his suggested fixes.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
As U.S. merchants shore up physical point-of-sale security by upgrading their terminals to accept EMV chip cards, attackers are turning their aim toward new, unattended targets. Here's the latest on how to respond to "shimming" attacks.
The annual Black Hat Europe conference this year once again brought together numerous information security aficionados in Amsterdam for the latest training and security insights. Here are visual highlights from the conference.
Here's how police and intelligence officials in Europe and the United States are collaborating to identify and disrupt the network of people that planned, supported and launched the Nov. 13 terror attacks in Paris.
The FFIEC's updated guidance for bank examiners, released this week, stresses that executives and boards of directors must approve IT plans that contain strategies for addressing emerging and ongoing cyber threats.
Hartford Hospital and its business associate, EMC Corp., have agreed to pay a fine as part of a health data breach settlement with Connecticut's attorney general. Learn about the size of the financial penalty and other settlement details.
Distributed-denial-of-service attacks on banks are more powerful than ever, but we hear less about them than we did three years ago. How have attackers changed their tactics, and why should we be even more concerned about their strikes?
To avoid having their organizations exploited by teenage hackers, boards of directors worldwide need to get serious about security. Here are five lessons to be learned from the latest TalkTalk data breach.
As more banks and government agencies stop providing free BlackBerries to employees, the beleaguered smartphone manufacturer is attempting to reboot with the launch of its first Android smartphone, dubbed Priv for privacy.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.