While most organizations are focusing on compliance, they are ignoring basic human-factor security risks that technology cannot fix, says Hord Tipton, executive director of the International Systems Security Certification Consortium, better known as (ISC)Â².
While massive DDoS attacks were dominant in 2013, this year, smaller application-layer attacks going after such things as log-in pages and password files are far more common, says Rich Bolstridge, chief strategist, financial services, at Akamai Technologies.
Researchers at Dell SecureWorks have identified some 146 unique malware families that are targeting cryptocurrencies. Approximately 100 of those have emerged in just the last year, says Pat Litke, security analysis adviser for the company's CyberThreat unit.
Although the growth of cloud-based data centers offers opportunities to more rapidly deploy applications, it also raises new security issues, says Steve Pao, senior vice president at Barracuda Networks.
Simple credentials, such as passwords, are a hacker's best friend, says Phillip Dunkelberger of Nok Nok Labs, a founding member of the FIDO Alliance. That's why the alliance is working to reduce reliance on passwords by enabling advanced authentication.
Dan Clements of IntelCrawler, the research firm that claims it traced malware apparently used in the Target breach and other retailer attacks, outlines steps merchants, banks and others should take to secure their networks.
Distributed generation and plug-in motor vehicles are among the emerging security challenges to the smart grid. In an RSA 2014 preview, Gib Sorebo of Leidos discusses the threats to utilities and consumers.
Lawsuits that card issuers have filed against Target to help recoup expenses associated with the retailer's breach aren't likely to reap big rewards, two legal experts say. But they are sending a strong message.
Despite their differences on certain issues, the Financial Services Roundtable and the Retail Industry Leaders Association have joined forces in an effort to prevent breaches by enhancing cybersecurity and threat intelligence sharing.