Top IT security and information risk experts, including former RSA Executive Chairman Art Coviello, analyze the struggles Equifax faces in the wake of a massive data breach in the latest edition of the ISMG Security Report.
A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital certificates that were issued by Symantec before June 1, 2016.
The landscape of user authentication is changing rapidly. A vanishing perimeter and the continuing explosion of cloud-based applications and mobile devices are blurring old boundaries - creating more islands of identity and forcing organizations to reimagine identity and access strategies. And, with four out of five...
CISOs have plenty to keep them up at night. With data breaches, ransomware incidents and system compromises, security leaders are forced to find ways to beat threats without slowing their pace of business. If they fail to effectively manage those risks, their organizations can face huge consequences.
While process...
Lenovo will pay $3.5 million to the U.S. Federal Trade Commission and 32 states to settle a case brought against it over advertising software with serious security issues that was preinstalled on thousands of the company's laptops.
Angler phishing targets customers of financial services firms more often than any other industry. When a customer tries to connect to with you, the attacker responds through a lookalike social media account and tries to obtain your customer's account credentials. This can lead to real monetary losses, a damaged brand,...
The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other criminals. Also, we offer tips on how to recruit scarce IT security pros.
From a security perspective, moving your applications and data to AWS does not necessarily eliminate or minimize your security challenges. Regardless of their location - public, private cloud or physical data center - your applications and data are an attacker's target, and protecting them in AWS introduces the same...
Join this webinar to learn about the new Directive on Payment Services (PSD2), and the impact it has on European banks and financial service providers. This new regulation is expected to change the way we interact and consume digital banking.
Are you going to check the box? Or are you going to leverage the...
Nationwide Mutual Insurance Co. will pay a $5.5 million settlement and update its security practices as a result of an agreement with attorneys general in 32 states and the District of Columbia in the wake of a 2012 data breach affecting more than 1.2 million individuals.
Britain's home secretary claims that "real people" don't really want unbreakable, end-to-end encryption - they just like cool features. Accordingly, she asks, why can't we just compromise and add backdoors, thus breaking crypto for everyone?
Christopher Painter, who has advocated for diplomatic engagement with cyber friends and foes alike, is leaving his post as coordinator of cyber issues at the State Department, a job he has held since early 2011.
Demands by politicians that people must be willing to surrender their privacy rights to help security services battle cybercrime are shorthand for governments having significantly underinvested in the required resources, says information security expert Brian Honan.
Australia plans to introduce new laws by the end of the year that would compel technology companies to provide access to encrypted communications under legal orders. Tech companies are bristling.
In a global effort to shutter the darknet platform Elysium, which facilitated child sexual abuse and counted 87,000 members, police in Europe have so far made 14 arrests.
