Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
In new guidance from the PCI Council, its leaders outline why businesses that handle card data need to address employee education. Here, experts explain why this guidance is a positive step for card security.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
Target Corp. and several banking institutions continue to argue back and forth over the retailer's request to dismiss a consolidated class action lawsuit the institutions filed following the retailer's December 2013 data breach.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
The White House cybersecurity coordinator says his comment about his lack of tech expertise being an asset, widely criticized in the blogosphere, was an awkward attempt to express his view that a wide range of skills are needed in the cybersecurity field.
Cybersecurity Coordinator Michael Daniel says much of the Obama administration's efforts will involve getting whatever IT security policy passed on whatever vehicle is available as long as the measure is acceptable to the White House.
An important lesson to learn from the massive JPMorgan Chase breach is that banks can't just focus on protecting card data and online banking accounts; they also must protect their customers' personally identifiable information.
In a wide-ranging interview, the acclaimed expert on cybersecurity strategy addresses the cyberthreat posed by ISIS and explains why Congress is unlikely to enact significant cybersecurity legislation this year.