Citi's settlement with two states over a breach that exposed 360,000 cards will likely set an example for other states. One expert says banking institutions will likely pay more damages when accounts are compromised.
The massive initiative to deploy continuous monitoring at U.S. federal government agencies will be done in phases, with the initial rollout occurring over three years, the Department of Homeland Security's John Streufert says.
Iris scanning is becoming old hat for authenticating individuals entering secured facilities or crossing international borders, but it remains several years away for use in providing access to IT systems.
A new cross-device malware strain that has been linked to last year's High Roller attacks is defeating dual-factor authentication. Experts explain why banking institutions worldwide should be on alert.
Organizations incorporating social media into their daily operations tend to have gaps in policies, and key aspects are often an afterthought, says attorney David Adler, who pinpoints areas to address.
A malware attack that exploited a point-of-sale vulnerability of a select group of Kentucky and Southern Indiana retailers has now been linked to attacks against Schnuck Markets Inc. and four other merchants.
The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.
Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.
In the wake of Arbor Network's recent discovery of a new botnet that's brute-forcing passwords on WordPress sites, security experts, including Nick Levay of Bit9, recommend beefing up password security on web applications.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."