An organization's security is only as strong as that of its partners, says Mandiant Director Charles Carmakal, who offers insight on common attack trends emerging from recent data breach investigations.
A year after LinkedIn confirmed its network had been breached, reportedly exposing 6.5 million hashed passwords, the social media company is offering users the option of adopting two-factor authentication.
How could global fraudsters steal $45 million from banking institutions without being detected or stopped? It was a process breakdown, not a technology failure, says fraud expert Avivah Litan of Gartner.
A result of recent DDoS attacks targeting American banks and the lackluster OpUSA campaign against the federal government has been improved sharing of threat information, former DHS cybersecurity leader Mark Weatherford says.
Breaking into the IT security field - a male-dominated profession - is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she had to overcome and offers strategies for women to grow in their careers.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
A variation of hack-back - in which a victim of a cyber-attack assaults the assailant's computer or network - could be used to mitigate the theft of intellectual property, according to the Commission on the Theft of American Intellectual Property.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.