Security expert Sean Sullivan isn't surprised that the massive 2014 breach of Yahoo, which exposed at least 500 million account details, only recently came to light. Here's why, as well as what users must learn from this breach.
At a time when India needs its leaders to spell out practical new ways to address its evolving cybersecurity challenges, Ravi Shankar Prasad, minister of IT and law, unfortunately chose to mainly rehash ongoing efforts in a recent presentation. What should be on the to-do list?
In an interview, Greg Temm, the first chief information risk officer at the Financial Services Information Sharing and Analysis Center, says he'll focus on helping members analyze cyberthreats and expand global threat intelligence sharing.
Tens of thousands of Cisco Adaptive Security Appliance devices remain vulnerable to a zero-day exploit released last month as part of the Equation Group toolset dump by Shadow Brokers, according to scans conducted by security firm Rapid7.
The need for an adaptive security approach, the shift from breach prevention to detection and a surge in spending on information security were some of the key themes at the recent Gartner Security & Risk Management Summit in Mumbai.
A report on the implications of failing to notify manufacturers of security flaws in their medical devices and a conversation with internet co-founder Vint Cerf highlight the latest edition of the ISMG Security Report.
Agari's John Wilson doesn't just fight email fraud schemes - he also is the occasional target. What have the fraudsters inadvertently taught him about their latest tactics? And how can these lessons help organizations to improve their defenses? Find out in this video interview.
The Equation Group leak revealed a zero-day flaw in Cisco's firewall software - a patch is being prepped - as well as a vulnerability in Fortinet's software that's since been patched. Has the U.S. government long known about the flaws?
CEO fraud campaigns are becoming far more common. A recent attack against our company was deflected because of the alertness of a staff member who received a fraudulent wire transfer request, illustrating why well-informed employees truly are the best lines of defense against these schemes.
A recent interview about Hillary Clinton's email server controversy drew numerous comments, with respondents divided over whether users will devise ways to circumvent systems safeguards to do their jobs more effectively. Join the conversation.
Businesses on both sides of the Atlantic are lauding the new U.S.-EU Privacy Shield, which gives them a legal way to handle Europeans' personal data. But privacy rights groups have criticized the agreement for falling short of the EU's own privacy protections.
Missing from the analysis and debate regarding the U.S. government's decision not to prosecute presumptive Democratic Party presidential candidate Hillary Clinton for using a private email server while secretary of state is this simple fact: Secure IT systems aren't tailored to function the way people behave.
One of the core values of the cybersecurity framework is to facilitate communication among various stakeholders coming from different technical and managerial backgrounds who must collaborate to build secure IT systems, NIST Program Manager Matt Barrett explains in an interview.