It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.
The trend across industries is that automation results in a drastic reduction of operational job roles, even as it brings in economies of efficiency. What then does automation in security mean for the profession?
Mobility and IoT are acknowledged by security practitioners to be a whole different beast when it comes to management. MetricStream's French Caldwell says that GRC likewise needs to change its paradigm to accommodate this disruption.
How many networking vendors - like Juniper - have been selling devices with backdoors attackers could use to intercept and decrypt communications? Some networking giants say they've launched code reviews. But why are eight vendors staying silent?
Turns out electronic learning products can be bad for children's privacy - and for their parents too. The VTech breach highlights how, despite repeated warnings, too many manufacturers continue to not take security seriously.
For years, information security experts have been warning users to create complex, unique passwords, and organizations to secure them properly. But an analysis of 12 million cracked Ashley Madison passwords shows how much we're still failing.
Blue Coat CTO Dr. Hugh Thompson speaks about the future of security, the constants that need attention, and lessons to be learned from the U.S. when it comes to writing meaningful breach notification laws.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Just two weeks after an international, FBI-led operation disrupted the notorious hacking forum Darkode, leading to 70 arrests, a supposed site administrator has claimed the forum will reboot on the "dark Web." But security experts question those claims.
A new breach reported by Heartland Payment Systems won't get much attention. But this incident could be more damaging to the undisclosed number of consumers affected than was Heartland's 2008 payment card breach.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.
Are you heading to RSA Conference 2015 in San Francisco? If so, be sure to connect with Information Security Media Group. We'll be out in full force on the Expo floor, as well as running a number of must-attend sessions and events.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.