FBI Director James Comey says he has faith in American technological ingenuity to overcome obstacles and give law enforcement the ability to access and decrypt data on the devices of criminals and terrorists.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
Security researchers warn of "Xara" flaws in Apple iOS and OS X that could be used to intercept passwords and banking data, as well as a keyboard app that puts more than 600 million Samsung device users at risk.
Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
Wanted: Hackers for hire. Or in British government parlance: "Committed and responsible individuals who have the potential to carry out computer network operations to keep the U.K. safe." Ready to apply?
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Laws rarely, if ever, keep up with technology, but even if they could, the consequences could prove more harmful than the benefits. That was evident at a House hearing that addressed default encryption of mobile devices.
For years, security leaders have struggled to find the balance between ensuring strong security and maintaining customer convenience. Benjamin Wyrick of VASCO Data Security says mobility may be the answer.
As financial institutions update their defenses in light of new types attacks - from scams to network-penetrating cyber-attacks - they need to ensure they factor in all of the ways that their systems and employees might be targeted or manipulated.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
Apple has unveiled its long-awaited Apple Watch, which the company will begin shipping in nine countries on April 24. Security experts highlight the use of Bluetooth and Wi-Fi as potential security concerns and discuss other security-related issues.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
New exploits linked to Apple Pay aren't compromising the mobile device's security, but instead are taking advantage of lax authentication practices used by banking institutions to verify cards that are loaded to the iPhone for Apple Pay purchases.
Security leaders expect the new Union budget to give a needed boost to cybersecurity education, as well as increased investment in critical infrastructure, biometrics and surveillance to fight cybercrime.
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.