What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
It's no secret that the healthcare industry is increasingly under attack by cybercriminals. And risky end-user behaviors are only exacerbating the threat. Yet, user awareness training is always a challenge for organizations. How do you effectively train users to stop clicking on links or opening attachments? This...
The insider threat. It could be the malicious insider who intentionally sets out to commit fraud, steal intellectual property or cause damage. Or else it could be the so-called "accidental insider" who makes a mistake or is taken advantage of by an external threat actor. Either way, the business impact is real, and...
November 1 ushers in a whole new era of breach notification requirements for Canada. What are the new standards, and how prepared are Canadian organizations? In this edition of Security Agenda, attorney Imran Ahmad of Miller Thomson LLP shares insights. Among them:
"In many ways, Canada had been playing catch-up to...
How has the fraud landscape shifted in the U.S. since the introduction of EMV payment card chip technology?
Well, we all know here has been a reduction in card-present fraud and an increase in card-not-present crimes. But what does this mean to an individual retail CISO?
Shamoun Siddiqui, CISO at retailer Neiman...
This monthly Security Agenda will highlight some of the most recent additions to our course library. This month's edition features the world's first CISO, Stephen Katz, discussing how the role of the modern CISO has evolved. Another key influencer, Gartner's Avivah Litan, discusses the lure of blockchain. This edition...
About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 6.1 million.
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
Most cybersecurity tools are designed to help identify, alert on, and in some cases prevent a particular type of malicious activity. Current technologies send alerts and may even prevent specific types of attacks, but the burden remains with the organization to figure out whether that alert is meaningful in a broader...
Getting employees involved in data security requires explaining the benefits, such as avoiding service interruptions, says Paul Bowen of Arbor Networks, who offers insights on making security part of the daily routine.
As customers spend more and more money online each year, the opportunities for fraud increase in parallel; experts project a loss of $24 billion to payment card fraud by the end of 2018. Payment card fraudsters rely on a sophisticated ecosystem and support network that provides a wide range of credit card details,...
The alluring promise of gold inspired almost half-a-million to risk it all and rush to California in the mid-20th century in hopes of striking it rich. Although gold mining was fruitless for the most part, cunning opportunists profited off of desperate '49ers by selling synthetic gold or mines of no real value. A...
Leading the latest edition of the ISMG Security Report: Cybersecurity expert Brian Honan provides insights on why organizations that are not yet compliant with GDPR need to focus on several key steps. Also: An assessment of the progress women are making in building careers in information security.
Cybersecurity challenges and solutions have evolved greatly since 2002. And so has the Executive Women's Forum, which was founded that year to advance female leaders in the profession. Founder Joyce Brocaglia reflects on the forum's accomplishments and challenges.
Universities throughout Florida are adding more cybersecurity courses in an effort to better train the next generation of practitioners, says Ernie Ferraresso of the Florida Center for Cybersecurity, which recently provided a second round of funding for the effort.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
