Figuring out how Edward Snowden breached NSA computers is sort of like solving a puzzle. Take public information and match it with an understanding of how organizations get hacked, and the pieces seem to fall into place.
Attorneys discuss the significance of the 10-year prison sentence for hacker Jeremy Hammond, who pleaded guilty in connection with a 2011 breach of Stratfor, a global intelligence firm that provides services to the U.S. government.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
U.S. Attorney Steve Wiggington says identity theft, especially linked to card skimming, is still the No. 1 fraud threat facing financial services institutions as well as consumers. He stresses information sharing is critical for fighting fraud.
Computer scientists at the Georgia Institute of Technology are developing new ways to apply encryption when storing or searching data in the cloud, says Paul Royal, associate director of the university's information security center.
Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
The breach of a card loyalty marketing company has reignited discussions about the roles banking institutions, regulators and others play when it comes to mitigating third-party risks. Where should the buck stop?
Organizations must guard against making three common mistakes when conducting an investigation of a data breach or fraud incident, says attorney Kim Peretti, a former Department of Justice cybercrime prosecutor.
The National Institute of Standards and Technology continues to collaborate with the National Security Agency on its IT security guidance even as it investigates whether the spy agency meddled with one of its special publications.
As major cloud vendors, including Salesforce, integrate identity and access management features into their platforms, security professionals must size up the role that stand-alone IAM systems will play in the long run.