The notion of patching the most critical vulnerabilities is outdated and ineffective thanks to today's black market for exploit kits, says Kevin Flynn of Skybox. Evaluating the exposure and context of holes in your organization is crucial to shoring up defenses, he says.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.
The massive Equifax data breach has already led to the filing of more than 30 lawsuits against the data broker - one demanding up to $70 billion in damages. At least five state attorneys general have launched formal investigations, while several Congressional committees have promised hearings.
The Equifax breach revealed on Thursday is more significant that other mega-breaches because of the nature of the data that was potentially exposed, says cybersecurity attorney Imran Ahmad. He'll be a featured speaker at ISMG's Toronto Fraud & Breach Prevention Summit on Tuesday.
Oracle's Joshua Brooks understands why those charged with information security compliance can, at times, be overwhelmed when they must deal with frameworks associated with PCI, HIPAA, FedRAMP, ISO 270001 and NIST 800-53, to name a few.
A federal judge has ruled that a consolidated class-action lawsuit filed by those affected by the Yahoo data breaches can proceed. The ruling means Yahoo's corporate parent, Verizon, will face a suit that could eventually lead a court to attempt to quantify the financial impact of leaked data.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
Learn about the new Directive on Payment Services (PSD2), and the impact it has on European banks and financial service providers. This new regulation is expected to change the way we interact and consume digital banking.
Are you going to check the box? Or are you going to leverage the directive to grow your...
Fraudulent social media brand pages are often used for phishing, malware, and other scams which negatively impact your customers and damage your brand reputation. How can organizations take action against these accounts?
Download this whitepaper and learn how to:
Identify fraudulent accounts;
Create an organized...
The FBI, Gartner, and many other security analysts cite social media as one of the fastest growing security threats. That is why it is important for security teams at organizations with a significant social media presence to gain an understanding of this new attack surface and develop a plan to protect the...
Little has been done to address the social media hacking problem despite continued headlines. Most organizations lack the protective countermeasures or the expertise to mitigate risk and respond to incidents. Few companies know how to re-gain control after an account compromise or how to prevent an attack in the first...
Social media account takeovers have become synonymous with embarrassing headlines that feature well-known companies and figures. If your organization has a prominent account, cyber attackers will see you as a ripe target.
Download this whitepaper and learn:
How these takeovers are possible;
Why the complexity of...
Leading the latest edition of the ISMG Security Report: An interview with the head of a new cyber initiative to help political campaigns and local, state and federal election officials safeguard America's electoral process. Also, analyzing the evolving characteristics of the healthcare breach.
For many organizations, fighting the growing threat of ransomware doesn't necessarily have to mean investing in new technologies, says Robert Arandjelovis of Symantec.
The front line to battle Russian hackers is shifting to American courts, according to the lead story in the latest edition of the ISMG Security Report. Also, malware targets Apple's operating system and a preview of the ISMG Fraud and Breach Prevention Summit in New York.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.