Francoise Gilbert of the IT Law Group won't give Zappos an "A" for how the online retailer reacted to its recent data breach. So, what can organizations learn from the incident, so they're better prepared?
NIST proposes the establishment of an independent identity ecosystem steering group, led by the private sector but working with the federal government, to help create an environment to assure the security of online transactions.
"The misfortune here for the banks is that they can have the best fraud-detection systems out there ... but it all breaks down when they call the 'hacker' to verify the transaction," says Gartner's Avivah Litan.
Citigroup has confirmed its consumer banking sites were temporarily offline Friday because of what a bank spokesman referred to as temporary outages. Hackers with Anonymous have claimed to be behind the attacks.
Although insider-threat incidents within organizations tend to be different case-by-case, says Carnegie Mellon University's Dawn Cappelli, there are similarities and patterns that organizations can look for when mitigating their risks. What are some of the common characteristics among insiders, and how can...
Verisign, operator of two of the 13 root name servers that route traffic on the Internet, has revealed that outsiders attacked its computer network several times in 2010, but top management did not learn of the incidents until September 2011.
Consumer behavior is the biggest concern when it comes to online risks posed by social media. But Bill Wansley of Booz Allen Hamilton says financial institutions can manage those risks. What steps does he recommend?
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
The hacking group Anonymous Brazil has targeted the websites of several of Brazil's top financial institutions, including Banco Bradesco and Banco do Brasil, with distributed denial-of-service attacks, leaving the sites in the dark, the Associated Press reports.
Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
IT security provider Symantec says it identified multiple publisher identifications on the Android Market that are being used to push out Android.Counterclank, which it characterizes as a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.