The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
The U.S. Office of Personnel Management breach continues to reveal such staggering levels of information security problems, paper-pushing and seeming incompetence that it's creating a new cyber-espionage category: the "victim-as-a-service" provider.
Initial reports suggested that Russian hackers could behind an attack against JPMorgan Chase, and perhaps other U.S. banks. While it's still far from clear who the culprits are, experts discuss the potential hacking motivations of a nation-state.
A multi-layered approach known as "context-aware security" is the most effective strategy for fighting both insider and external cyberthreats, says Gartner analyst Avivah Litan, who explains how this strategy works.
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.