BitSight Technologies is out with its annual Industry Benchmark Report, and cybersecurity ratings are low for the energy and utilities industry. BitSight's Mike Woodward shares insights for all sectors.
The federal government is licensing a government-built anomaly detection tool known as PathScan to Ernst & Young, which, in turn, will refine the software and market it. In an interview, DHS's Mike Pozmantier explains why the government is offering its technology to the private sector.
Blue Coat CTO Dr. Hugh Thompson speaks about the future of security, the constants that need attention, and lessons to be learned from the U.S. when it comes to writing meaningful breach notification laws.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
As financial institutions update their defenses in light of new types attacks - from scams to network-penetrating cyber-attacks - they need to ensure they factor in all of the ways that their systems and employees might be targeted or manipulated.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.
A Government Accountability Office report on agencies' oversight of the security of contractor-operated IT systems contains the revelation that the U.S. government does not know how many of its systems are run by vendors.
To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.
Starting now, healthcare organizations using Microsoft Windows XP-based medical devices better have short- and long-term strategies to address cybersecurity, says medical device security researcher Kevin Fu.