Understanding threats and identifying modern attacks in their early stages is key to preventing subsequent compromises, and proactively sharing information among organizations is an increasingly effective way to identify them.
The United Kingdom and the United States are both cracking down on healthcare organizations that have experienced information breaches. But they're taking very different approaches. Which approach will prove most effective?
Boards of directors continue to overlook IT risk management, security and privacy as a top agenda item, says Jody Westby of Carnegie Melon CyLab. Where are the organizational gaps that need to be filled?
Intuit and GE veteran Steve Bennett, chairman of the IT security software provider, replaces Enrique Salem, the longtime Symantec executive who had served as the company chief executive officer since April 2009.
Whether intentional or not, software features have the potential to leak sensitive information, corrupt data or reduce system availability. The National Institute of Standards and Technology's latest guidance aims to help organizations minimize vulnerabilities.
Insider fraud schemes at three banks in Minnesota, Texas and California illustrate just how difficult it is for institutions to thwart inside jobs. So what steps should banks take to mitigate their risk?
Today's malware threats are designed to quietly and slowly spread to other hosts, gathering information over extended periods of time that leads to exfiltration of sensitive data and creates havoc. Here's what NIST says organizations should do.